Ryan Sleevi
Ryan Sleevi
I don’t think treating it as xor is correct, especially when looking at the RFCs that use this (e.g. https://tools.ietf.org/html/rfc5246#section-7.4.2 ). Specifically, this is a permission grant for ciphersuites, and...
> @sleevi That makes sense to me, and so `ExtKeyUsage` == `ExtKeyUsageServerAuth` and `KeyUsage` == `KeyUsageDigitalSignature|KeyUsageKeyEncipherment` seems kosher, am I reading you right? Yup. I think I misread on the...
This is not explicitly a requirement of the BRs. I think this is WontFix for now, or at best a request for a `WARNING` Level notice? The context here is...
The requirement, FWIW, is 7.1.4.2.2(e) of the current requirements.
@mtgag Just trying to organize the other PRs.
Erp, I missed the similarity to #136 due to also mentioning iPAddresses here. I'm ok duping them, or keeping this separate to also lint the well-formedness of IP addresses.
@rolandshoemaker Thanks for pointing out the iPAddress. While that makes sure that the base value is parsable, I was thinking about other checks, such as making sure it's not an...
I’m pretty ambivalent! I wasn’t even sure if this would be a breaking change (hence the discussion tag). I wasn’t sure how “lints moved around / renamed” should be handled....
I suppose I think of this more as a cleanup task, like #536, and while yes there may be some discussion, I think the overhead of 11 reviews would be...
We’ve intentionally tried to avoid this in the past, because unreliable lints mistakenly encourage CAs to believe ZLint as a whole is unreliable. My own view is that we should...