On Thu, Aug 29, 2002 at 02:42:20AM +0200, Dr. Stephen Henson wrote: > The Netscape Cert Type is an old non standard extension which some > software ignores. > > The standard way to do this stuff is with extended key usage and > the appropriate usage, clientAuth in this case. >
Brilliant! That did the trick. Now Outlook correctly recognises clientAuth certs as not being usable for S/MIME - just what I wanted... Unfortunately Mozilla says the same cert *is* usable for S/MIME! Sigh... -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
