[cabfpub] Ballot 108: Clarifying the scope of the baseline requirements
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Wed Aug 7 11:58:09 MST 2013
On 08/07/2013 08:59 PM, From Ryan Sleevi:
> The cited libraries will all treat the SGC EKUs as equivalent to
> Server Auth in that case. As such, certs with SGC EKUs would need to
> be in scope, because they'd be technically possible to be used as
> server certs.
You might be right - the concern is what Gerv already mentioned here:
https://bugzilla.mozilla.org/show_bug.cgi?id=476807
/Anyone still using "It supports SGC/Step Up" as a marketing mechanism
is either a) encouraging the use of long-outdated, insecure and
standards-incompliant browsers, or b) using FUD./
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20130807/d91514c1/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20130807/d91514c1/attachment-0001.bin
More information about the Public
mailing list