Hi Jochen,
You can have any CA you agree to sign your CSR. The CSR does not contain the private key, so your first option above would work. It just doesn't necessarily have to be the receiving system's CA. If you want a different CA, your partner will need to agree to trust it.
Your second option of importing only the public key will not work. You need more than the public key to use it for client authentication. The partner would need to send you a p12 file (or similar) which contains both the private and public key. Of course, sharing private keys can be a security risk.
You can also use your server cert for client authentication. The receiving system then sees your server cert when they request the certificate during the client auth step. CN=myserver.example.com
Thanks,
-Russ