On 18/11/16 13:48, Doug Beattie wrote:
> * Do you propose that CAs create new CA certificates every time a new EKU
> needs to be supported in an end entity certificate?

If we are going to avoid having SHA-1-issuing intermediates out there which can also issue server certs, then they are all going to need to be EKU-constrained, and so this particular bullet is going to be necessary.

> Please reconsider the EKU requirement in CA certificates (SHA-1 and
> SHA-256). It's too bad we can't say: AnyEKU except id-kp-serverAuth
> or id-kp-codeSigning

I can see the issue you are raising, but I wonder if there is a middle ground between the current position and "anything in any combination as long as no serverAuth". Particularly as, if Erwann is right, the pathlen=0 constraint can be bypassed.

I'm particularly concerned about email, that being the other thing Mozilla's root store now cares about. What EKUs are commonly combined in an EE cert with id-kp-emailProtection, other than id-kp-clientAuth?

Gerv

_______________________________________________
Public mailing list
https://cabforum.org/mailman/listinfo/public
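Added here as an illustration, not code from the thread or from the CA/Browser Forum: a check of how an EKU extension on an intermediate constrains the certificates issued under it, the nesting rule that browsers apply when building a chain. It uses Python's `cryptography` package and mints a throwaway intermediate (names and keys are constructed for the example) limited to id-kp-emailProtection and id-kp-clientAuth, then asks which EE usages would still validate beneath it.

```python
# Added example (not from the thread): EKU nesting check for an intermediate CA.
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID as EKU, NameOID

ANY_EKU = EKU.ANY_EXTENDED_KEY_USAGE

def cert_ekus(cert):
    """Return the set of EKU OIDs in a certificate, or None if the extension is absent."""
    try:
        return set(cert.extensions.get_extension_for_class(x509.ExtendedKeyUsage).value)
    except x509.ExtensionNotFound:
        return None

def eku_permits(ca_ekus, leaf_ekus):
    """Browser-style nesting: a CA cert with no EKU (or with anyExtendedKeyUsage)
    permits any leaf usage; otherwise every leaf EKU must also appear in the CA cert,
    and a leaf without an EKU cannot chain under a constrained CA."""
    if ca_ekus is None or ANY_EKU in ca_ekus:
        return True
    if leaf_ekus is None:
        return False
    return leaf_ekus <= ca_ekus

def ca_can_issue(ca_cert, usage):
    """True if an EE certificate carrying `usage` would validate under ca_cert."""
    return eku_permits(cert_ekus(ca_cert), {usage})

def make_cert(name, key, issuer_name, issuer_key, ca, ekus=None):
    """Constructed helper: mint a short-lived test certificate with an optional EKU list."""
    now = datetime.datetime.now(datetime.timezone.utc)
    b = (x509.CertificateBuilder()
         .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)]))
         .issuer_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, issuer_name)]))
         .public_key(key.public_key()).serial_number(x509.random_serial_number())
         .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=1))
         .add_extension(x509.BasicConstraints(ca=ca, path_length=0 if ca else None), critical=True))
    if ekus:
        b = b.add_extension(x509.ExtendedKeyUsage(ekus), critical=False)
    return b.sign(issuer_key, hashes.SHA256())

def demo():
    root_key = ec.generate_private_key(ec.SECP256R1())
    ica_key = ec.generate_private_key(ec.SECP256R1())
    # Intermediate restricted to S/MIME and client auth, so it cannot issue server certs.
    ica = make_cert("Example Email ICA", ica_key, "Example Root", root_key, ca=True,
                    ekus=[EKU.EMAIL_PROTECTION, EKU.CLIENT_AUTH])
    return {"email": ca_can_issue(ica, EKU.EMAIL_PROTECTION),   # True
            "server": ca_can_issue(ica, EKU.SERVER_AUTH),       # False
            "code": ca_can_issue(ica, EKU.CODE_SIGNING)}        # False
```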
