Matt McCutchen wrote:
An extended key usage of "TLS Web Server Authentication" on the intermediate CA would constrain all sub-certificates, no?
You are here talking about a proprietary Microsoft extension of the X509 security model.
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto