On Thu, Jun 11, 2020 at 05:38:32PM +0100, Jason McIntyre wrote: > On Thu, Jun 11, 2020 at 09:55:50PM +1000, Ross L Richardson wrote: > > > > Fix a horribly mangled sentence. Would "may" be more appropriate > > than "can"? > > > > hi. > > i think the rewording is fine. i don;t think we should change "may" to > "can" though. > > > Also, in the list of usages: for serverAuth and clientAuth, shouldn't > > the word "web" be elided? > > > > i don;t know. hence i will wait awhile - if no one comments, i'll take > your diff as-is.
that's ok tb I think you could remove both "SSL" and "web" in these two lines if you wanted to. The first few items of this list are derived from RFC 5280 (page 44) where it says "TLS WWW server authentication" (which is even uglier). I also think we're putting lipstick on a pig. > > jmc > > > Ross > > > > > > Index: x509v3.cnf.5 > > =================================================================== > > RCS file: /cvs/src/lib/libcrypto/man/x509v3.cnf.5,v > > retrieving revision 1.6 > > diff -u -p -r1.6 x509v3.cnf.5 > > --- x509v3.cnf.5 6 Jun 2019 01:06:59 -0000 1.6 > > +++ x509v3.cnf.5 11 Jun 2020 11:48:34 -0000 > > @@ -186,8 +186,8 @@ keyUsage=digitalSignature, nonRepudiatio > > keyUsage=critical, keyCertSign > > .Ed > > .Ss Extended key usage > > -This extensions consists of a list of usages indicating purposes for > > -which the certificate public key can be used for. > > +This extension consists of a list of purposes for > > +which the certificate public key can be used. > > .Pp > > These can either be object short names or the dotted numerical form of > > OIDs. > > While any OID can be used, only certain values make sense. > > >
