The extension KeyUsage in subscriber's certificate SHOULD be marked as critical as in RFC 5280. What if it is not set? Does this violate the Baseline Requirements or any rules used by Mozilla Security Policy?
Best regards Lijun _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
