Mike Ounsworth <[email protected]> wrote: > to deal with some kind of CA migration event? Does it have usefulness > in steady state; like does the CA want to use profile-sets to offer > "packages" like "S/MIME + TLS_Client"? But since the mechanism
If these are conflicting EKUs, and one needs two certificates, then I see a
useful thing here were I solve the email-01 challenge to also get my
id-kp-clientAuth certificate.
> it actually needs to create separate RSA and ML-DSA keys / CSRs.
This.
Also, there is an side-quest here into getting encryption-only (SMIME!) keys.
oh, to my email about knowing what is in each profile, it's also unclear to
me if the identities must be linked, of the challenges must be the same (so,
do not mix dns-01 with http-01), or if there is a way to *solve* the
challenge once.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
