On 26/11/15 11:32, Rob Stradling wrote: > On 26/11/15 11:20, Yoav Nir wrote: > <snip> >> Another thing is that I don’t get why some CAs have the web *client* >> authentication EKU thrown in there. > > Because a sufficiently large number of customers asked for it. :-) > > AIUI the use case is server-to-server comms, where server A acts as a > TLS client and server B requires TLS client auth. Server A also acts as > a TLS server and its operator doesn't want to have to manage 2 different > certs.
Yep. I also want that. Not needed everywhere but it's good to have. S. > _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
