On 13/05/14 03:22, Peter Bowen wrote: > Is there a list of Extended Key Usages that are within scope for the > Mozilla CA Program?
I hope I can get this right... I believe the answer is: "We'd like it to be the case that only serverAuth, and whatever the email EKU is, are in scope, and all certs which do not bear one of those EKUs are out of scope. However, legacy concerns mean we may not be able to get there straight away." https://bugzilla.mozilla.org/show_bug.cgi?id=968817 Given that we have not yet fixed bug 968817, Kathleen would need to answer the second part of your question. Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy