On Thu, Jun 11, 2020 at 07:13:52PM +0200, Theo Buehler wrote: > On Thu, Jun 11, 2020 at 05:38:32PM +0100, Jason McIntyre wrote: > > On Thu, Jun 11, 2020 at 09:55:50PM +1000, Ross L Richardson wrote: > > > > > > Fix a horribly mangled sentence. Would "may" be more appropriate > > > than "can"? > > > > > > > hi. > > > > i think the rewording is fine. i don;t think we should change "may" to > > "can" though. > > > > > Also, in the list of usages: for serverAuth and clientAuth, shouldn't > > > the word "web" be elided? > > > > > > > i don;t know. hence i will wait awhile - if no one comments, i'll take > > your diff as-is. > > that's ok tb >
thanks > I think you could remove both "SSL" and "web" in these two lines if you > wanted to. The first few items of this list are derived from RFC 5280 > (page 44) where it says "TLS WWW server authentication" (which is even > uglier). > so i committed it without SSL and web. jmc > I also think we're putting lipstick on a pig. > > > > > jmc > > > > > Ross > > > > > > > > > Index: x509v3.cnf.5 > > > =================================================================== > > > RCS file: /cvs/src/lib/libcrypto/man/x509v3.cnf.5,v > > > retrieving revision 1.6 > > > diff -u -p -r1.6 x509v3.cnf.5 > > > --- x509v3.cnf.5 6 Jun 2019 01:06:59 -0000 1.6 > > > +++ x509v3.cnf.5 11 Jun 2020 11:48:34 -0000 > > > @@ -186,8 +186,8 @@ keyUsage=digitalSignature, nonRepudiatio > > > keyUsage=critical, keyCertSign > > > .Ed > > > .Ss Extended key usage > > > -This extensions consists of a list of usages indicating purposes for > > > -which the certificate public key can be used for. > > > +This extension consists of a list of purposes for > > > +which the certificate public key can be used. > > > .Pp > > > These can either be object short names or the dotted numerical form of > > > OIDs. > > > While any OID can be used, only certain values make sense. > > > > > >