Replacement of RSA certificates with ECC certificates – Switchover date
205 views
Skip to first unread message
Frederik Vernelen
Jun 27, 2023, 2:23:07 PM6/27/23
to eID Middleware Dev
Dear developers,
In our previous note of 15/09/2022 it was announced that it would be possible for citizens to replace the certificates on their old cards (with RSA keys and RSA certificates) with the most recent type of ECC certificate . This note also described all the technical details you might need to prepare your systems for this.
With this note we wish to inform you that the changes announced at that time will go live on 11/09/2023.
Kind regards,
The eID Service
In our previous note of 15/09/2022 it was announced that it would be possible for citizens to replace the certificates on their old cards (with RSA keys and RSA certificates) with the most recent type of ECC certificate . This note also described all the technical details you might need to prepare your systems for this.
With this note we wish to inform you that the changes announced at that time will go live on 11/09/2023.
Kind regards,
The eID Service
Lisa
Jun 30, 2023, 4:57:20 AM6/30/23
to eID Middleware Dev
Hi Frederik,
Would you know if there is any impact if our entity only reads out and forwards eID data?
We tested with eaZySet V1.7 eID Card Testing Kit and eaZySet V1.8 eID Card Testing Kit.
Should we perform new tests with the "rekeyed eID test card" to implement this change?
We tested with eaZySet V1.7 eID Card Testing Kit and eaZySet V1.8 eID Card Testing Kit.
Should we perform new tests with the "rekeyed eID test card" to implement this change?
We have tried to figure this out for ourselves, but are having a hard time getting around to it.
Thanks in advance for your help!
Op dinsdag 27 juni 2023 om 20:23:07 UTC+2 schreef Frederik Vernelen:
Frederik Vernelen
Jun 30, 2023, 5:11:48 AM6/30/23
to eID Middleware Dev
Hello Lisa,
If changes are needed for only reading out (and verifying) data will depend on how you do the data integrity verification.
The signatures on the eID data will now be replaced by EC signatures instead of RSA signatures. (see point 3, or the addendum at https://github.com/Fedict/eid-mw/blob/master/doc/sdk/documentation/Applet%201.7%20eID%20Cards/Belgian%20Electronic%20Identity%20Card%20(applet%201.7)%20content%20addendum.pdf).
So if your app figures this out based upon the RRN cert that is present on the card, then there should be no issue.
But if it is decided depending on e.g. the applet version, then some changes will need to be made.
Wkr,
Frederik
--
You received this message because you are subscribed to the Google Groups "eID Middleware Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to eid-middleware-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/eid-middleware-dev/a5e65df0-9f64-4078-8a75-ca8f8c37ca9dn%40googlegroups.com.
Aline Flamant
Jul 11, 2023, 9:54:56 AM7/11/23
to Frederik Vernelen, eID Middleware Dev
Hi Frederik,
Thank you very much for your swift reply and explanation.
Kind regards
Van: eid-middl...@googlegroups.com <eid-middl...@googlegroups.com> namens Frederik Vernelen <frederik...@gmail.com>
Verzonden: vrijdag 30 juni 2023 11:11
Aan: eID Middleware Dev <eid-middl...@googlegroups.com>
Onderwerp: Re: [eid-mw-dev] Re: Replacement of RSA certificates with ECC certificates – Switchover date
Verzonden: vrijdag 30 juni 2023 11:11
Aan: eID Middleware Dev <eid-middl...@googlegroups.com>
Onderwerp: Re: [eid-mw-dev] Re: Replacement of RSA certificates with ECC certificates – Switchover date
You received this message because you are subscribed to a topic in the Google Groups "eID Middleware Dev" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/eid-middleware-dev/6a7X2_5bDTQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to eid-middleware-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/eid-middleware-dev/CAMhP2VC6LS_rZaJQJTn5wEaywQ%2Bk9CWdD8orvPfGh3LL5H9GoA%40mail.gmail.com.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/eid-middleware-dev/6a7X2_5bDTQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to eid-middleware-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/eid-middleware-dev/CAMhP2VC6LS_rZaJQJTn5wEaywQ%2Bk9CWdD8orvPfGh3LL5H9GoA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages