[cabfpub] Name Constraints, Auditing and EKU
rob.stradling at comodo.com
Tue Apr 23 20:46:03 UTC 2013
On 23/04/13 21:01, Carl Wallace wrote:
> On 4/23/13 3:58 PM, "Rob Stradling" <rob.stradling at comodo.com> wrote:
>> Agreed. That's why I tried (unsuccessfully) to persuade Mozilla to
>> require the use of the Netscape Cert Type extension instead of "EKU
>> constraints" (this was last year when the "technically constrained"
>> language in the current version of the Mozilla CA Policy was being put
> Is there a specification that defines how "EKU constraints" work?
I'm not aware of any single definitive spec, but here are a few useful
Section 9 of
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public