0007411: Relation of CSR extendedKeyUsage and ApplicationType in StartSigningRequest

ID	Project	Category	View Status	Date Submitted	Last Update

0007411	10000-012: Discovery	Spec	public	2021-11-12 10:06	2022-06-21 09:12

Reporter	Matthias Damm	Assigned To	Randy Armstrong
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.04
Target Version	1.05	Fixed in Version	1.05.02 RC1

Summary	0007411: Relation of CSR extendedKeyUsage and ApplicationType in StartSigningRequest
Description	The referenced application in StartSigningRequest (applicationId) has an ApplicationType. See also related Mantis issue 0007410 The CSR may contain an „extendedKeyUsage“ with „serverAuth, clientAuth“. We expected that the extendedKeyUsage is derived from the ApplicationType. What happens if the requested extendedKeyUsage is different than the ApplicationType? Is the extendedKeyUsage required in the CSR? Part 12 StartSigningRequest is silent on this.
Tags	No tags attached.

Commit Version
Fix Due Date

Randy Armstrong 2022-06-20 11:05 administrator ~0016857	Any bits set in basicConstraints or extendedKeyUsage fields in the CSR are ignored by the CertificateManager. The CertificateManager uses values that are appropriate and complaint with the specification.

Jim Luth 2022-06-21 09:12 administrator ~0016930	Agreed to changes edited in Munich F2F.

Date Modified	Username	Field	Change
2021-11-12 10:06	Matthias Damm	New Issue
2021-11-12 10:06	Matthias Damm	Relationship added	related to 0007410
2021-11-16 17:51	Jim Luth	Assigned To	=> Randy Armstrong
2021-11-16 17:51	Jim Luth	Status	new => assigned
2022-06-20 11:05	Randy Armstrong	Status	assigned => resolved
2022-06-20 11:05	Randy Armstrong	Resolution	open => fixed
2022-06-20 11:05	Randy Armstrong	Note Added: 0016857
2022-06-21 09:12	Jim Luth	Status	resolved => closed
2022-06-21 09:12	Jim Luth	Fixed in Version	=> 1.05.02 RC1
2022-06-21 09:12	Jim Luth	Note Added: 0016930