The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
RHCA (root CA) should be able to facilitate e-passport issuing CAs.
Technically, it is just the matter of issuing certificates with the
right group of extensions (as per the ICAO 9303 document)
This issue was migrated from Pagure Issue #2408. Originally filed by ddas@redhat.com on 2016-07-20 21:52:26:
RHCA (root CA) should be able to facilitate e-passport issuing CAs. Technically, it is just the matter of issuing certificates with the right group of extensions (as per the ICAO 9303 document)
e-passport must be in compliant with the ICAO 9303 specification. In particular, part 12 of "Public Key Infrastructure for MRTDs".