This is a repeat (not sure what happened to original): I was able to use a cert which has keyEncipherment key usage only (no there key usages especially *no digitalSignature*) for SSL client authentication...I thought NSS would not permit this to happen, i.e. the client needs digitalSignature at least for SSL client usage. Am I missing something here? Is keyEncipherment good enough for SSL client??
-- Patrick
