My personal opinion is that cross-EKU chimeras should not exist. I realize they’re extremely common in the industry, but they’re bad.
DigiCert has had a long and vigorous internal discussion about the correct number of EKUs in a certificate. I’m a strong proponent of the “exactly one” position, but other people have differing opinions. I see Ryan agreeing; I think we should do whatever we can to make sure the Working Groups have disjoint and clearly defined scopes. -Tim From: Moudrick M. Dadashov [mailto:[email protected]] Sent: Thursday, May 17, 2018 7:30 PM To: Tim Hollebeek <[email protected]>; CA/Browser Forum Public Discussion List <[email protected]> Subject: Re: [cabfpub] For Discussion: S/MIME Working Group Charter Email server certificates not included? Thanks, M.D. On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote: Oops, missed a spot: 1. To specify S/MIME Baseline Requirements, Extended Validation Guidelines, Network and Certificate System Security Requirements, and other acceptable practices for the issuance and management of S/MIME certificates used to sign and encrypt emails. _______________________________________________ Public mailing list [email protected] <mailto:[email protected]> https://cabforum.org/mailman/listinfo/public
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
