Hi Stephen,

Thank you for the correction; I regret the error.

On Tue, Apr 10, 2018 at 8:12 AM Stephen Davidson via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> These certificates are compliant with the BR and contain the required
> extKeyUsage values for both id-kp-serverAuth or id-kp-clientAuth.  It
> appears that zLint "w_sub_cert_eku_extra_values" provides an incomplete
> message relating to the BR

I opened a pull request against zlint to fix the error message for the
extra_values lint: https://github.com/zmap/zlint/pull/218

I'll update the blog post momentarily.

dev-security-policy mailing list

Reply via email to