Key Usage List
This section defines the values you can use (as a list) in the key-usage-list parameter. You can configure the parameter with more than one of the possible values.
Value | Description |
---|---|
digitalSignature (default with keyEncipherment) | Used when the subject public key is used with a digital signature mechanism to support security services other than non-repudiation, certificate signing, or revocation information signing. Digital signature mechanisms are often used for entity authentication and data origin authentication with integrity. |
nonRepudiation | Used when the subject public key is used to verify digital signatures that provide a non-repudiation service protecting against the signing entity falsely denying some action, excluding certificate or CRL signing. |
keyEncipherment (default with digitalSignature) | Used when the subject public key is used for key transport. (For example, when an RSA key is to be used for key management.) |
dataEncipherment | Used when the subject public key is used for enciphering user data other than cryptographic keys. |
keyAgreement | Used when the subject public key is used for key agreement. (For example, when a Diffie-Hellman key is to be used for a management key.) |
encipherOnly | The keyAgreement type must also be set. Used when the subject public key is used only for enciphering data while performing key agreement. |
decipherOnly | The keyAgreement type must also be set. Used when the subject public key is used only for deciphering data while performing key agreement. |
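
The following added example (not part of the product or its documentation) checks a key-usage-list against the table above, including the rule that encipherOnly and decipherOnly require keyAgreement, and shows the X.509 keyUsage BIT STRING the list corresponds to. The function names are hypothetical, the bit positions are those of RFC 5280 section 4.2.1.3, and treating an empty list as the default pair is an assumption.

```python
# Added example: validate a key-usage-list and encode it as an X.509 keyUsage value.
# Bit positions follow the KeyUsage BIT STRING in RFC 5280, section 4.2.1.3.
KEY_USAGE_BITS = {
    "digitalSignature": 0,
    "nonRepudiation": 1,
    "keyEncipherment": 2,
    "dataEncipherment": 3,
    "keyAgreement": 4,
    "encipherOnly": 7,
    "decipherOnly": 8,
}
# Default pair named in the table; applying it to an empty list is an assumption.
DEFAULT_KEY_USAGE = ["digitalSignature", "keyEncipherment"]


def check_key_usage_list(values):
    """Return (accepted values, list of problems). Hypothetical helper."""
    accepted, problems = [], []
    for value in values or DEFAULT_KEY_USAGE:
        if value not in KEY_USAGE_BITS:
            problems.append(f"unknown value: {value}")
        elif value in accepted:
            problems.append(f"duplicate value: {value}")
        else:
            accepted.append(value)
    # encipherOnly / decipherOnly are only meaningful alongside keyAgreement.
    for only in ("encipherOnly", "decipherOnly"):
        if only in accepted and "keyAgreement" not in accepted:
            problems.append(f"{only} requires keyAgreement")
    return accepted, problems


def key_usage_der(values):
    """DER-encode the keyUsage BIT STRING for an already validated list."""
    if not values:
        raise ValueError("empty key usage list")
    bits = sorted(KEY_USAGE_BITS[v] for v in values)
    highest = bits[-1]
    body = bytearray(highest // 8 + 1)
    for bit in bits:
        body[bit // 8] |= 0x80 >> (bit % 8)   # bit 0 is the most significant bit
    unused = 7 - (highest % 8)                # DER drops trailing zero bits
    return bytes([0x03, len(body) + 1, unused]) + bytes(body)


if __name__ == "__main__":
    # Constructed sample lists, not taken from a real configuration.
    for sample in ([], ["keyAgreement", "decipherOnly"], ["encipherOnly"]):
        accepted, problems = check_key_usage_list(sample)
        print(sample, "->", problems or key_usage_der(accepted).hex())
```
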