Re: Issuing and using SHA-1 OCSP signing certificates

2017-10-04 Thread Gervase Markham via dev-security-policy
On 03/10/17 18:35, Doug Beattie wrote:
> The specific issue is that these client certificate CAs don't have
> the EKU extension even though we have no intent of issuing SSL
> certificates (they are WT audited and verified to not issue any SSL
> certificates per the BRs). Would it be an acceptable

Issuing and using SHA-1 OCSP signing certificates

2017-10-03 Thread Doug Beattie via dev-security-policy
Hello Gerv, The BRs are clear on the use of SHA-1, but I have a question about the Mozilla policy and how it relates to the use of SHA-1 OCSP signing certificates. In December 2016 the Mozilla policy 2.3 was published and it didn't address the use of SHA-1 on OCSP signing certificates (see