Update on this: Thanks to the excellent zmap/zlint tool, we realized we were missing the digitalSignature keyUsage on our planned new intermediates. We've updated the demo repo and our forum post ( https://community.letsencrypt.org/t/detailed-2020-hierarchy/131019) to indicate that we plan to include digitalSignature on these intermediates, so we can sign OCSP directly from them. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
Re: Plans for new ECDSA root and new intermediates from Let's Encrypt
Jacob Hoffman-Andrews via dev-security-policy Tue, 01 Sep 2020 14:03:57 -0700
- Plans for new ECDSA root and... Jacob Hoffman-Andrews via dev-security-policy
- Re: Plans for new ECDSA... Jacob Hoffman-Andrews via dev-security-policy