My personal opinion is that cross-EKU chimeras should not exist.  I realize 
they’re extremely common in the industry, but they’re bad.

 

DigiCert has had a long and vigorous internal discussion about the correct 
number of EKUs in a certificate.  I’m a strong proponent of the “exactly one” 
position, but other people have differing opinions.

 

I see Ryan agreeing; I think we should do whatever we can to make sure the 
Working Groups have disjoint and clearly defined scopes.

 

-Tim

 

From: Moudrick M. Dadashov [mailto:m...@ssc.lt] 
Sent: Thursday, May 17, 2018 7:30 PM
To: Tim Hollebeek <tim.holleb...@digicert.com>; CA/Browser Forum Public 
Discussion List <public@cabforum.org>
Subject: Re: [cabfpub] For Discussion: S/MIME Working Group Charter

 

Email server certificates not included?

Thanks,
M.D.

On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote:

Oops, missed a spot:

 

1. To specify S/MIME Baseline Requirements, Extended Validation Guidelines, 
Network and Certificate System Security Requirements, and other acceptable 
practices for the issuance and management of S/MIME certificates used to sign 
and encrypt emails.

 






_______________________________________________
Public mailing list
Public@cabforum.org <mailto:Public@cabforum.org> 
https://cabforum.org/mailman/listinfo/public

 

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Public mailing list
Public@cabforum.org
https://cabforum.org/mailman/listinfo/public

Reply via email to