It looks like CMS by default has the following key usages when creating a
new SSL server certificate:
Digital Signature
Non Repudiation
Key Encipherment
Data EnciphermentBut doesn't the X.509 standard require only Key Encipherment for SSL Server apps? Do SSL server certs typically come with all these usages? Would a SSL server cert with *only the Key Encipherment* usage be OK for an SSL/NSS Server app? -- POC
