Re-thinking about this a bit more, OpenSSL doesn't do any key-usage verification of things when it does signatures. So I am closing this ticket. As a work-around, verifying the signature and usage of the signed data maybe? (If someone wants to do a PR to fix this, great.) -- Rich Salz, OpenSSL dev team; [email protected]
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
