On 8 Jan 2020, at 17:29, Ryan Sleevi <ryan-i...@sleevi.com> wrote:
> The CA must revoke if the certificate is misused; that's required by contract. The CA defines what misuse means. A number of CAs define misuse as "used for purposes other than TLS web server". Ergo, obtaining and using certificates with EAP means these certificates are at risk of revocation.

Ok not for nothing but this is getting silly. If a CA actually revoked a cert for someone using it for EAP, would they also have to revoke for someone using it for SMTP, XMPP, and IMAP? Has that ever happened?

Eliot
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu