Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis

ietf-smtp

Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP

2020-01-01 13:18:28

On 1/1/20 2:01 PM, Viktor Dukhovni wrote:

FWIW, Let's Encrypt doesn't currently issue client certificates.

Actually, it does, for example:

         Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
         Validity
             Not Before: Oct 24 07:01:29 2019 GMT
             Not After : Jan 22 07:01:29 2020 GMT
         Subject: CN = box.ezemailserver.com
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
                 RSA Public-Key: (2048 bit)
                 Modulus:
                     [...]
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Key Usage: critical
                 Digital Signature, Key Encipherment
             X509v3 Extended Key Usage:
                 TLS Web Server Authentication, TLS Web Client Authentication

The EKU lists both TLS server and TLS client roles.

Interesting. I misread the text on their web site. Thanks forpointing that out.


Keith

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, (continued) Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Hector Santos Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Hector Santos Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, John C Klensin Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Dave Crocker Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Dave Crocker Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, John Levine Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Viktor Dukhovni Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Keith Moore <= Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Hector Santos Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Hector Santos Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Dave Crocker Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Dave Crocker Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Keith Moore Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Dave Crocker Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Keith Moore

Previous by Date:	Re: [ietf-smtp] Endless debate on IP literals, Keith Moore
Next by Date:	Re: [ietf-smtp] Endless debate on IP literals, John R Levine
Previous by Thread:	Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP, Viktor Dukhovni
Next by Thread:	Re: [ietf-smtp] Possible cont4ibution to moving forward with RFC5321bis SMTP, Hector Santos
Indexes:	[Date] [Thread] [Top] [All Lists]