On Sun, Jan 21, 2018 at 6:23 PM, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote: > > >> On Jan 21, 2018, at 6:04 PM, Jeffrey Walton <noloader@xxxxxxxxx> wrote: >> >> Maybe OpenSSL should allow users to choose between IETF issuing >> policies and CA/Browser BR issuing policies. > > The sensible thing at this point is to publish an update to RFC5280 > that accepts reality. +1. Add a Key-Interception usage while you're at it. Its a widespread practice too. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
