Re: Question about the issuance of OCSP Responder Certificates by technically constrained CAs

On Tuesday, September 10, 2019 at 6:53:47 AM UTC-7, Robin Alden wrote: > > The aforementioned comments, however, indicate CAs have reported that > > Microsoft does [require the EKU chaining]. > I agree that statement is true, but I think it inadvertently misleads. > > We cannot speak for

RE: Question about the issuance of OCSP Responder Certificates by technically constrained CAs

> The aforementioned comments, however, indicate CAs have reported that > Microsoft does [require the EKU chaining]. I agree that statement is true, but I think it inadvertently misleads. We cannot speak for Microsoft about what their requirements for id-kp-OCSPSigning are, and we are not aware