Sujet : Re: Client Auth certificates, threat or menace?
De : johnl (at) *nospam* taugh.com (John Levine)
Groupes : comp.mail.sendmailDate : 22. May 2025, 21:09:25
Autres entêtes
Organisation : Taughannock Networks
Message-ID : <100o09l$28bu$2@gal.iecc.com>
References : 1 2 3 4
User-Agent : trn 4.0-test77 (Sep 1, 2010)
According to Claus A�mann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org>:
Certificate:
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
>
Used by client: no error in client, but the server shows
status=unsupported certificate purpose
hence the cert is basically unusable for a client -
as some people claimed.
I'm not worried about that since basically nobody uses client certs signed by a public CA.
I was worried that some bug would look for it in server certs. That seems OK.
-- Regards,John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",Please consider the environment before reading this e-mail. https://jl.ly
Client Auth certificates, threat or menace?
Re: Client Auth certificates, threat or menace?