Appendix C: remove 'RA' flag from MASA certificate

anima-wg / constrained-voucher

This is a repo for the IETF Internet Draft about constrained vouchers in CBOR

2 stars 4 forks source link

Appendix C: remove 'RA' flag from MASA certificate #244

Closed EskoDijk closed 1 year ago

EskoDijk commented 1 year ago

In MASA cert example we have

             X509v3 Extended Key Usage:
                 CMC Registration Authority,
                 TLS Web Server Authentication,
                 TLS Web Client Authentication

This should be removed - it is not a RA. Adding the EKU in fact highly constrains cert usage, in ways we don't want.

mcr commented 1 year ago

is this one of my certificates?

EskoDijk commented 1 year ago

No, it’s Peters. I have a PR almost ready that creates all of the certs and cose examples by script. That should solve this issue!

EskoDijk commented 1 year ago

Closed by #249