EST ID and Device ID certificates default to using different key types

[AlexN-SFV]

I'm setting up my service to use dps provisioning using x509 certificates from an est server using an est bootstrap certificate.
I noticed that the est id certificate keys are hard coded to use 256 bit EC keys by default, but the device id certificate is set to use 2048 bit RSA keys.

iot-identity-service/cert/aziot-certd/src/lib.rs

Line 498 in 8448389

Some("ec-p256:rsa-4096:*"),

iot-identity-service/identity/aziot-identityd/src/identity.rs

Line 846 in 8448389

.create_key_pair_if_not_exists(identity_pk, Some("rsa-2048:*"))

It would be nice if they were consistent so I didn't have to configure my EST server to handle both types of certificate signing requests, or even better if there was somewhere in the configuration where the preferred algorithms for these keys could be set.

[arsing]

Hmm, both of those are wrong, actually. They should both be ec-p256:rsa-2048:*

[AlexN-SFV]

Now in the latest version, since the EST ID keys are summarily deleted before attempting to get an EST certificate, I can't even choose the algorithm by pre-generating the EST ID keys, as I was doing before.
This is very frustrating.