If Google's advocated changes were poorly conceived, it should be possible to make a case to the CA/B forum to reverse the erroneous policy.
That won’t matter because Google is doing it; you have to convince Google to stop. My concern with the draft -- well-intended though I think it is – is that this runs the risk of escalation. There’s nothing to stop Google or CA/B to define an OID for extendedKeyUsage that just has the old semantics and then the issue a timetable for it.
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
