On Sun, Jan 21, 2018 at 6:23 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > > >> On Jan 21, 2018, at 6:04 PM, Jeffrey Walton <noloa...@gmail.com> wrote: >> >> Maybe OpenSSL should allow users to choose between IETF issuing >> policies and CA/Browser BR issuing policies. > > The sensible thing at this point is to publish an update to RFC5280 > that accepts reality.
+1. Add a Key-Interception usage while you're at it. Its a widespread practice too. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
