Add country public keys

[Divide-By-0]

We can make this a more general public key registry, by also supporting ICAO country public keys. This will require making some scripts to hit and parse those URLs, and also noting all existing keys as RSA and the new keys as ECDSA/RSA etc as needed. Note that while many keys are on ICAO's PKD, many are on country-specific sites.

[Divide-By-0]

The parsing logic can be found here: https://github.com/zk-passport/proof-of-passport/tree/main/registry

The key download sites are here: https://download.pkd.icao.int/

[foolo]

As a preparation, I think we need to extend the database structure for this. At the moment there are only DomainSelectorPair and DkimRecord (each DomainSelectorPair has many DkimRecords). So we should think about what would be the best solution here.

[foolo]

Related: openpassport-org/openpassport#110

[foolo]

Florent, [2024-06-15 17:46]
you can see the latest version of our code to parse certificates from the ICAO list here:
https://github.com/zk-passport/proof-of-passport/tree/dev/registry

Florent, [2024-06-15 17:47]
And we recently shipped this map that for now only contains DSCs but will soon contain CSCAs
https://map.proofofpassport.com/
For context there are two levels of certificates, top ones (CSCAs) and intermediate ones that sign passports (DSCs)

https://github.com/zk-passport/proof-of-passport/tree/dev/registry
Florent, [2024-06-15 17:49]
by running the scripts here you should be able to get all the certificates, DSCs and CSCAs from the ICAO registry.
It’s on the dev branch