I just received a note from the registrar through whom I bought the
security certificate that I use for my qmailtoaster server, saying that
their upstream provider is removing the Client Auth EKU from new SSL/TLS
certificates as of May 15th.
Their message makes clear that it won't affect the use of certificates
for HTTPS, but does affect:
Client Authentication
mTLS
Server-to-server authentication
I suspect that other vendors will follow suit, as this is apparently a
requirement from the CA/Browser Forum.
Does anyone know if using a cert for qmail constitutes 'client
authentication' or 'server-to-server authentication'? My suspicion is
that it might, potentially affecting anyone who runs a qmailtoaster
instance.
Thoughts?
Angus
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
