[CentOS] Why is localhost self-signed cert a CA cert?
Robert Moskowitz
rgm at htt-consult.com
Wed Jan 9 01:30:07 UTC 2013
On 01/08/2013 08:15 PM, Gordon Messmer wrote:
> On 01/08/2013 04:42 PM, Robert Moskowitz wrote:
>> CA:TRUE means it is a signing cert. In RFC 5280, app C.2 end-entity cert:
>> (g) the certificate is an end entity certificate, as the basic
>> constraints extension is not present;
> OK. If you want to suggest to Red Hat use "-extensions v3_req", you'll
> probably need to do so as a paying customer, in bugzilla. "why"
> probably isn't a question for this list. CentOS simply rebuilds the
> source that Red Hat provides.
I know that I would have to take this to bugzilla if my reading was
correct. And on further review, I am holding more that way. So I will
put in the bug report even without being a paying customer. Just my cred
on working on PKIX back a decade ago and being the architect of the
Bridge CA model for the US Federal and BioPharma PKIs...
More information about the CentOS
mailing list