From: Tomas G. <to...@pr...> - 2009-10-15 06:21:01
|
It is expected and stated in the EAC standard. The whole certificate chain for an EAC passport must use the same algorithm. This means that Country B must create a new DV with the same algorithm of country A, and send the request from that DV to country A. It is the responsibility of the country with the DV to see to that the requests sent to another countrys CVCA uses that CVCAs algorithm. Regards, Tomas stupidtss wrote: > In my testing, CA & DV of Country A is using ECDSA as signing algorithm and > that of Country B is RSA. The CA of Country A cannot process cert request > from DV of Country B and also the vice versa. Is this expected or if it > indicates that there is something wrong, say, in my settings? > > Thanks. |