Dear All, 1) The RFC 2459 (http://www.ietf.org/rfc/rfc2459.txt) mentions under heading 5.3.1 (Reason Code) that "CRL entry extension should be absent instead of using the unspecified (0) reasonCode value."
Now, if its not meant to be used then why is it specified in the first place? What is the purpose of this extension?? 2) Consider the web page given below: http://docs.sun.com/source/816-5533-10/ext.htm#1012064 It forewarns us to set the nonRepudiation (1) bit only after carefully considering their legal consequences. Since I'm not acquainted with the use of this bit vey well, I cannot figure what exactly could be the consequenses of setting this bit in a certificate. Could anybody kindly give me a real-life example of what could possibly happen with this bit set? I fully understand the meaning of "Non-Repudiation" but can't figure out the legal aspect of its presence... 3) While using the certutil tool, how do we set the various bits of the netscape-cert-type extension for a self-signed CA certificate?? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
