Discuss this help topic in SecureBlackbox Forum
TElExtendedKeyUsageExtension is a descendant of TElCustomExtension class.
Description
The following paragraph is taken from RFC 2459 (Housley, et. al.), part 4.2.1.13:
«This field indicates one or more purposes for which the certified
public key may be used, in addition to or in place of the basic
purposes indicated in the key usage extension field.
This extension may, at the option of the certificate issuer, be
either critical or non-critical.
If the extension is flagged critical, then the certificate MUST be
used only for one of the purposes indicated.
If the extension is flagged non-critical, then it indicates the
intended purpose or purposes of the key, and may be used in finding
the correct key/certificate of an entity that has multiple
keys/certificates. It is an advisory field and does not imply that
usage of the key is restricted by the certification authority to the
purpose indicated. Certificate using applications may nevertheless
require that a particular purpose be indicated in order for the
certificate to be acceptable to that application.
If a certificate contains both a critical key usage field and a
critical extended key usage field, then both fields MUST be processed
independently and the certificate MUST only be used for a purpose
consistent with both fields. If there is no purpose consistent with
both fields, then the certificate MUST NOT be used for any purpose.»
.NET: