I would like to modify the caUserCert profile to so that the resulting
certificate requests are for EC keys. The existing profile appears to
be hardwired for an RSA key. I didn't find any documentation for EC
keys. I would appreciate any information regarding how to cause a
firefox browser to generate an ECC pair and submit it to the CA. If
anyone has succeeded and would share the profile config file, I'd
appreciate it. Some questions I have are: what is the keytype? (EC,
ECC, ECDSA); What keylengths should be used (ECC lengths -256 or RSA
equivalents)? Should the signing algorithm be changed? If so, what are
the allowable names? Does anything else have to be changed such as the
html templates or class files?
Thanks.
Bill Price
Show replies by date