[CentOS] Why is localhost self-signed cert a CA cert?

Wed Jan 9 01:30:07 UTC 2013
Robert Moskowitz <rgm at htt-consult.com>

On 01/08/2013 08:15 PM, Gordon Messmer wrote:
> On 01/08/2013 04:42 PM, Robert Moskowitz wrote:
>> CA:TRUE means it is a signing cert.  In RFC 5280, app C.2 end-entity cert:
>>      (g)  the certificate is an end entity certificate, as the basic
>>           constraints extension is not present;
> OK.  If you want to suggest to Red Hat use "-extensions v3_req", you'll
> probably need to do so as a paying customer, in bugzilla.  "why"
> probably isn't a question for this list.  CentOS simply rebuilds the
> source that Red Hat provides.

I know that I would have to take this to bugzilla if my reading was 
correct. And on further review, I am holding more that way. So I will 
put in the bug report even without being a paying customer. Just my cred 
on working on PKIX back a decade ago and being the architect of the 
Bridge CA model for the US Federal and BioPharma PKIs...