On Fri, Apr 19, 2019 at 01:22:59PM -0700, Wayne Thayer via dev-security-policy
wrote:
> Okay, then I propose adding the following to section 5.2 "Forbidden and
> Required Practices":
>
> Effective for certificates issued on or after April 1, 2020, end-entity
> certificates MUST include an EKU
On Wed, Apr 17, 2019 at 5:05 PM Ryan Hurst via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> For what it is worth I agree with Brian.
>
> I would go a bit further and say certificates need to be issued for
> explicit usages anything else produces potentially unknown
Ryan Sleevi made the following proposal:
Issue #122 [1] previously discussed Section 8 in the context of subordinate
> CAs, with a change [2] being made to include subordinate CAs (in the
> context of Section 5.3.2) within scope of notification requirements.
>
> However, as presently worded, it's
3 matches
Mail list logo