Author: Jeremy Harris Date: To: exim-dev Subject: Re: [exim-dev] [Bug 443] would like to use user S/MIME certificate
as sufficient authentication
On 12/06/14 21:58, Viktor Dukhovni wrote: > On Thu, Jun 12, 2014 at 09:52:59PM +0100, Jeremy Harris wrote:
>
>>> Note also, that S/MIME certificates will often have the wrong
>>> keyUsage or extendedKeyUsage for use as a TLS client cert.
>>
>> I've not decided what to do about those two, either with
>> respect to extractors or enforcement in certificate verification.
>>
>> Are they actually used in practice?
>
> Sorry, a bit out of context here, not sure what "they" means, can
> you state your question in a bit more detail?
>
keyUsage and kextendedKeyUsage fields in certificates.