top | item 31936575

(no title)

spinny | 3 years ago

And the cert chain on those is valid. i took a peek when i got mine the certificates (at the time) were issued by a sub-ca which by the name seems to be a gov entity and issue id card certs only. don't remember which company owned the root cert of the signing chain (it was a one of the common root cert used by browsers)

The choice of rsa2048 is probably because of the card specs. it couldn't handle 4096 keys (this was maybe 10+ years ago) from what i've read at the time

discuss

No comments yet.