perlboy
commented
4 years ago ES256 is allowed under FAPI but requires elliptic curve certificates from the Register.
The last guidance from the DSB is that ES256 is supported: https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/35
But it is impossible to test because the ACCC Register uses RSA certificates: https://github.com/cdr-register/register/issues/36#issuecomment-617395376
Removal of ES256 is a modification of the underlying Standard and also damages future state where elliptic curve is a preferred CA signing mechanism.
Nonetheless, on this basis the RegistrationProperties is correct albeit improbable until the Register CA uses EC certs.
ES256 is present as a value for a number of properties in RegistrationProperties.
ES256 was removed from the InfoSec profile (https://github.com/ConsumerDataStandardsAustralia/infosec/issues/66)
This was raised by NAB back in #25 but doesn't appear to have been addressed. Noting #25 is yet to be closed but a significant period of time has passed since it was opened.