<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
On 08/07/2013 08:59 PM, From Ryan Sleevi:
<blockquote
cite="mid:CACvaWvbWbQQ7PJdT1755YSMOUeTV9sXTCTwfkyg1+5kQBU+8Sw@mail.gmail.com"
type="cite">
The cited libraries will all treat the SGC EKUs as equivalent to
Server Auth in that case. As such, certs with SGC EKUs would need
to
be in scope, because they'd be technically possible to be used as
server certs.
</blockquote>
<br>
You might be right - the concern is what Gerv already mentioned
here: <a class="moz-txt-link-freetext" href="https://bugzilla.mozilla.org/show_bug.cgi?id=476807">https://bugzilla.mozilla.org/show_bug.cgi?id=476807</a><br>
<br>
<i>Anyone still using "It supports SGC/Step Up" as a marketing
mechanism is either a) encouraging the use of long-outdated,
insecure and standards-incompliant browsers, or b) using FUD.</i><br>
<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>