pkix-5----Page:5
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
|
privateKeyUsagePeriod Extract from: draft-ietf-pkix-rfc3280bis-01.txt : “D.1 Private Key Usage Period This extension SHOULD NOT be used within the Internet PKI. (…) CAs conforming to this profile MUST NOT generate certificates with private key usage period extensions unless at least one of the two components is present and the extension is non-critical.” A discussion on the list indicated in 2003 that this was useful for HSMs and, even more, for Time-Stamping Units. PrivateKeyUsagePeriod should be allowed /RECOMMENDED for HSMs and TSUs. |