My personal opinion is that cross-EKU chimeras should not exist. I realize they’re extremely common in the industry, but they’re bad.
DigiCert has had a long and vigorous internal discussion about the correct number of EKUs in a certificate. I’m a strong proponent of the “exactly one” position, but other people have differing opinions. I see Ryan agreeing; I think we should do whatever we can to make sure the Working Groups have disjoint and clearly defined scopes. -Tim From: Moudrick M. Dadashov [mailto:m...@ssc.lt] Sent: Thursday, May 17, 2018 7:30 PM To: Tim Hollebeek <tim.holleb...@digicert.com>; CA/Browser Forum Public Discussion List <firstname.lastname@example.org> Subject: Re: [cabfpub] For Discussion: S/MIME Working Group Charter Email server certificates not included? Thanks, M.D. On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote: Oops, missed a spot: 1. To specify S/MIME Baseline Requirements, Extended Validation Guidelines, Network and Certificate System Security Requirements, and other acceptable practices for the issuance and management of S/MIME certificates used to sign and encrypt emails. _______________________________________________ Public mailing list Public@cabforum.org <mailto:Public@cabforum.org> https://cabforum.org/mailman/listinfo/public
Description: S/MIME cryptographic signature
_______________________________________________ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public