[cabfpub] (Eventually) requiring id-kpServerAuth for all certs in the chain?
Eddy Nigg
eddy_nigg at startcom.org
Mon Nov 3 14:32:00 MST 2014
On 11/03/2014 11:20 PM, Brian Smith wrote:
> 2. Require the revocation of any intermediate certificates that do not
> have an EKU extension or have an EKU extension with
> anyExtendedKeyUsage and/or have an EKU extension with id-kp-serverAuth.
You must be joking, aren't you? :-)
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20141103/1a359d7e/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
Url : https://cabforum.org/pipermail/public/attachments/20141103/1a359d7e/attachment.bin
More information about the Public
mailing list