[Pki-users] Modifying the caUserCert Profile to cause Firefox to generate certificate requests with EC keys?
Price, Bill
wprice at mitre.org
Tue Aug 26 17:59:03 UTC 2008
I would like to modify the caUserCert profile to so that the resulting
certificate requests are for EC keys. The existing profile appears to
be hardwired for an RSA key. I didn't find any documentation for EC
keys. I would appreciate any information regarding how to cause a
firefox browser to generate an ECC pair and submit it to the CA. If
anyone has succeeded and would share the profile config file, I'd
appreciate it. Some questions I have are: what is the keytype? (EC,
ECC, ECDSA); What keylengths should be used (ECC lengths -256 or RSA
equivalents)? Should the signing algorithm be changed? If so, what are
the allowable names? Does anything else have to be changed such as the
html templates or class files?
Thanks.
Bill Price
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20080826/9f9bf54f/attachment.htm>
More information about the Pki-users
mailing list