responses here to a different question,
> because it appears (likely my misinterpretation) from this thread it's OK
> to include OCSP-signing into a CA certificate?
>
>
> https://groups.google.com/d/msg/mozilla.dev.security.policy/EzjIkNGfVEE/XSfw4tZPBwAJ
>
>
>
> On We
X is also a (misissued) delegated
> OCSP signing certificate that is in scope for the BRs and the Mozilla Root
> Store Policy.
>
> --
> *From:* dev-security-policy
> on behalf of Peter Mate Erdosi via dev-security-policy <
> dev-security-policy@lists.mozilla.org>
Just for my better understanding, is the following CA certificate
"TLS-capable"?
X509v3 Basic Constraints critical:
CA:TRUE
X509v3 Key Usage critical:
Certificate Sign, CRL Sign
X509v3 Extended Key Usage:
Time Stamping, OCSP Signing
Peter
On Thu, Jul 2, 2020 at 12:14 PM Rob Stradling via
Dear list,
I have a question about the issuance of the OCSP responder certificates in case
of technically constrained CAs. I apologize for the long introduction, but this
may be an important audit question in the (near) future.
--- BEGIN INTRO ---
I would like to cite five points from the
4 matches
Mail list logo