Re: [exim-dev] [Bug 443] would like to use user S/MIME certi…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MViktor Dukhovni at <-
MViktor Dukhovni at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Subject: Re: [exim-dev] [Bug 443] would like to use user S/MIME certificate as sufficient authentication
On 12/06/14 21:58, Viktor Dukhovni wrote:
> On Thu, Jun 12, 2014 at 09:52:59PM +0100, Jeremy Harris wrote:
>
>>> Note also, that S/MIME certificates will often have the wrong
>>> keyUsage or extendedKeyUsage for use as a TLS client cert.
>>
>> I've not decided what to do about those two, either with
>> respect to extractors or enforcement in certificate verification.
>>
>> Are they actually used in practice?
>
> Sorry, a bit out of context here, not sure what "they" means, can
> you state your question in a bit more detail?
>

keyUsage and kextendedKeyUsage fields in certificates.

Does anybody take notice of them?
--
Jeremy


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] [Bug 443] would like to use user S/MIME certificate as sufficient authenticationRe: [exim-dev] [Bug 443] would like to use user S/MIME certificate as sufficient authentication->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)