Home
In our previous note (see "Applet 1.7 eID cards with ECC certificates" ) it was announced that it would be possible for citizens to replace the certificates on their old cards (with RSA keys and RSA certificates) with the most recent type of ECC certificate . This note also described all the technical details you might need to prepare your systems for this. With this note we wish to inform you that the changes announced at that time will go live on 11/09/2023.
The official announcement of this change can be found on the forum at eid-middleware-dev
Applet 1.7 cards that will be re-keyed will now get certificates (authentication and non-repudiation) signed by citizen and foreigner CA’s that have an EC key, and which in turn will be signed by an EC Belgian Root CA.
The RRN certificate is now an EC RRN certificate that falls under an EC Belgian rootCA. The signature files (EF SGN#ID and EF SGN#Address), that will be re-created during the re-keying on the eID card, will now be in the EC format like on the applet 1.8 eID cards.
The technical information about this change can be found in the addendum on our documentation at applet 1.7 card content addendum
The official announcement of this change can be found on the forum at eid-middleware-dev
Due to a policy change enforced by the CA/B forum (browser community and CA’s), the Belgian Root CA 2,3 and 4 will no longer be automatically trusted by the browsers. More information can be found on this page.
An official communication has been be sent to developers to announce the planned release of a new version of the card applet (version 1.8, whereas the current applet version is 1.7).
More information can be found on the Applet 1.8 page.