Bonsoir,

Hodie VI Id. Iun. MMVII est, durgaprasad jammula scripsit:
> This question is regarding the extended key usage
> extension implementation which differs from the
> specification [RFC 2459].
>
> I read RFC 2459 in
> http://www.faqs.org/rfcs/rfc2459.html section 4.2.1.13
> Extended key usage field.


The corresponding paragraph of the RFC3280 (RFC2459 is obsolete, and
superseded by RFC3280) reads:

"If the extension is present, then the certificate MUST only be used
for one of the purposes indicated."

RFC3280 is much more clear and unambigous than RFC2459.

--
Erwann ABALEA
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org