Hi all,

Anyone knows in client authentication, what are the Key Usage and Extended
Key Usage purposes we should validate?

As per the specification in [1]:

   - "Extended Key Usage" is not necessary and which is configured in
   addition to or in place of the basic purposes indicated in the key usage
   - "clientAuth" which can be configure as "Extended Key Usage", and Key
   usage bits that may be consistent for that is "digitalSignature" and/or

But when validating, what are the key usage purposes that should be allowed
and disallowed for client authentication?

[1] https://tools.ietf.org/html/rfc5280#section-

Thanks and Regards


*Indunil Rathnayake *

*Faculty of Information Technology*

*University of Moratuwa.*

Email : *indunil....@gmail.com <indunil....@gmail.com>* | Skype: indu.upeksha
| Mobile : (+94)713695179  | Twitter @indunilUR |

LinkedIn: http://lk.linkedin.com/in/indunil
|  Facebook
: https://www.facebook.com/indunilrathnayake80
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to