#
#  For use with the 'CA.all' script.
#
[ xpclient_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.2

[ xpserver_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1

#
#  Add this to the PKCS#7 keybag attributes holding the client's private key
#  for machine authentication.
#
#  the presence of this OID tells Windows XP that the cert is intended
#  for use by the computer itself, and not by an end-user.
#
#  The other solution is to use Microsoft's web certificate server
#  to generate these certs.
#
# 1.3.6.1.4.1.311.17.2