Mozilla navrhuje zm?nu ohledn? práce s pod?ízenými digitálními certifikáty
24.03.2012
Citace: “The proposal is that the EKU [extended key usage] would be specified in the intermediate certificates, and the crypto code would look up the certificate chain at the EKU extensions to make sure that the end-entity certificate is allowed to be used for that purpose. The old NSS code does this if the EKU extension is present in the intermediate certificate, but the new libpkix code doesn’t currently do this.”