> The signature on a certificate is made using the key of its parent CA. So
> that means that the parent CA uses an RSA key and not an ECDSA key.
I thought the spec says the cert should be signed with the same key type. Not
sure which spec, sadly. :( And that consensus was that this is a mistake.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: [email protected]; Twitter: RichSalz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
