prevaricate more about anyextendedkeyusage (#4939)

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2019-07-06 19:11:36 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2019-07-06 19:11:36 -0400
commit: a15986844e3ebd71efb7b8183733dd661ce75768 (patch)
tree: c6339b96640d07ca0a337f031a67ccaf6226e3e0
parent: 7b1391bfd4949140432bd003a8e43e32bfe968c5 (diff)
download: cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.tar.gz
cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.tar.bz2
cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/docs/x509/reference.rst b/docs/x509/reference.rst
index 38901c7c..7156ab8c 100644
--- a/docs/x509/reference.rst
+++ b/docs/x509/reference.rst
@@ -2895,7 +2895,12 @@ instances. The following common OIDs are available as constants.
         .. versionadded:: 2.0
 
         Corresponds to the dotted string ``"2.5.29.37.0"``. This is used to
-        denote that a certificate may be used for _any_ purposes.
+        denote that a certificate may be used for _any_ purposes. However,
+        :rfc:`5280` additionally notes that applications that require the
+        presence of a particular purpose _MAY_ reject certificates that include
+        the ``anyExtendedKeyUsage`` OID but not the particular OID expected for
+        the application. Therefore, the presence of this OID does not mean a
+        given application will accept the certificate for all purposes.
 
 
 .. class:: AuthorityInformationAccessOID
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2019-07-06 19:11:36 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2019-07-06 19:11:36 -0400
commit	a15986844e3ebd71efb7b8183733dd661ce75768 (patch)
tree	c6339b96640d07ca0a337f031a67ccaf6226e3e0
parent	7b1391bfd4949140432bd003a8e43e32bfe968c5 (diff)
download	cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.tar.gz cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.tar.bz2 cryptography-a15986844e3ebd71efb7b8183733dd661ce75768.zip