Hi all,

Does anyone know which Key Usage and Extended Key Usage purposes we should validate in client authentication?

As per the specification in [1]:

- "Extended Key Usage" is not necessary, and it is configured in addition to or in place of the basic purposes indicated in the key usage extension.
- "clientAuth" can be configured as an "Extended Key Usage", and the key usage bits that may be consistent with it are "digitalSignature" and/or "keyAgreement".

But when validating, what are the key usage purposes that should be allowed and disallowed for client authentication?

[1] https://tools.ietf.org/html/rfc5280#section-4.2.1.12

Thanks and Regards

--
Indunil Rathnayake
Faculty of Information Technology
University of Moratuwa.
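The consistency rule quoted above from RFC 5280 section 4.2.1.12, written as a validation check; this is an added example, not part of the original post and not OpenSSL code. The flag names and bit values are hypothetical, and two policy choices are assumptions of the example: an absent extension is treated as "no restriction", and `allow_any_eku` decides whether anyExtendedKeyUsage alone is accepted.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical flag names for this example; one bit per purpose. */
#define EXT_ABSENT       UINT32_MAX  /* extension not in the certificate */
#define KU_DIGSIG        0x0080u     /* digitalSignature */
#define KU_KEYENC        0x0020u     /* keyEncipherment */
#define KU_KEYAGREE      0x0008u     /* keyAgreement */
#define KU_CERTSIGN      0x0004u     /* keyCertSign */
#define EKU_SERVER_AUTH  0x0001u     /* serverAuth */
#define EKU_CLIENT_AUTH  0x0002u     /* clientAuth */
#define EKU_ANY          0x0100u     /* anyExtendedKeyUsage */

enum verdict { CLIENT_OK = 0, BAD_KU, BAD_EKU };

/* The two extensions are checked independently; the certificate is usable
 * for client authentication only if neither one rules it out. */
enum verdict check_client_auth(uint32_t ku, uint32_t eku, int allow_any_eku)
{
    /* Key Usage present: needs digitalSignature and/or keyAgreement. */
    if (ku != EXT_ABSENT && !(ku & (KU_DIGSIG | KU_KEYAGREE)))
        return BAD_KU;
    /* EKU present: needs clientAuth; anyExtendedKeyUsage is a policy choice. */
    if (eku != EXT_ABSENT && !(eku & EKU_CLIENT_AUTH)
        && !(allow_any_eku && (eku & EKU_ANY)))
        return BAD_EKU;
    return CLIENT_OK;
}

int main(void)
{
    /* Constructed sample certificates (extension values only). */
    struct { const char *name; uint32_t ku, eku; } s[] = {
        {"typical client cert",  KU_DIGSIG,             EKU_CLIENT_AUTH},
        {"no extensions",        EXT_ABSENT,            EXT_ABSENT},
        {"server-only EKU",      KU_DIGSIG | KU_KEYENC, EKU_SERVER_AUTH},
        {"CA signing key",       KU_CERTSIGN,           EXT_ABSENT},
        {"keyEncipherment only", KU_KEYENC,             EKU_CLIENT_AUTH},
        {"anyExtendedKeyUsage",  KU_KEYAGREE,           EKU_ANY},
    };
    static const char *txt[] = {"accept", "reject (KU)", "reject (EKU)"};
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("%-22s %s\n", s[i].name,
               txt[check_client_auth(s[i].ku, s[i].eku, 0)]);
    return 0;
}
```

A deployment that requires the extensions to be present would reject `EXT_ABSENT` instead of skipping the check.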