Thanks Richard and Peter Averroes wrote:
> Hi All, > > Does anyone know what value should be use > in an ExtendedKeyUsage extension for OCSP Responder Certificate. > > I use only those: > > extendedKeyUsage = serverAuth > > but the rfc2560, Chap. 4.2.2.2 Authorized Responders says: > > "OCSP signing delagation SHALL be designated by the > inclusion of id-pk-OCSPSigning in an extendedKeyUsage > certificate extension included in the OCSP response signer's > certificate." > > id-pk-OCSPSigning OBJECT IDENTIFIER ::= {id-pk 9} > > So...? > > Regards > > #------ > Averroes > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]