[Top] [All Lists]

Re: [ietf-smtp] Possible contribution to moving forward with RFC5321bis SMTP

2020-01-01 13:18:28
On 1/1/20 2:01 PM, Viktor Dukhovni wrote:

FWIW, Let's Encrypt doesn't currently issue client certificates.
Actually, it does, for example:

         Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
             Not Before: Oct 24 07:01:29 2019 GMT
             Not After : Jan 22 07:01:29 2020 GMT
         Subject: CN =
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
                 RSA Public-Key: (2048 bit)
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Key Usage: critical
                 Digital Signature, Key Encipherment
             X509v3 Extended Key Usage:
                 TLS Web Server Authentication, TLS Web Client Authentication

The EKU lists both TLS server and TLS client roles.

Interesting.   I misread the text on their web site.   Thanks for pointing that out.


ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>