Extended Key Usage | |
Server Authentication | |
No EKU | 1025 |
serverAuth | 19 |
serverAuth,clientAuth | 1058 |
serverAuth,clientAuth,OCSPSigning | 13 |
serverAuth,emailProtection | 3 |
serverAuth,clientAuth,emailProtection | 6 |
serverAuth,clientAuth,codeSigning | 1 |
serverAuth,clientAuth,codeSigning,emailProtection,timeStamping | 5 |
serverAuth,clientAuth,codeSigning,NetscapeSGC | 1 |
serverAuth,clientAuth,IntelAMTProvisioning | 1 |
serverAuth,clientAuth,IPSECEndSystem,IPSECTunnel,IPSECUser | 1 |
serverAuth,clientAuth,IPSECEndSystem,IPSECTunnel,IPSECUser,OCSPSigning,enrollmentAgent | 1 |
serverAuth,clientAuth,NetscapeSGC,VerisignSGC | 2 |
NetscapeSGC,VerisignSGC | 1 |
NetscapeSGC | 1 |
NetscapeSGC,serverAuth,clientAuth | 4 |
clientAuth,serverAuth,MicrosoftSGC,NetscapeSGC | 8 |
ServerAuth Total | 2150 |
ClientAuth | |
clientAuth | 48 |
ClientAuth Total | 48 |
S/MIME | |
emailProtection, clientAuth | 319 |
emailProtection | 18 |
clientAuth,emailProtection,AuthenticDocumentsTrust | 3 |
clientAuth,emailProtection,BitLocker,MS-docSigning,EFSRecovery,EFS,Smartcardlogon | 1 |
clientAuth,emailProtection,caExchange,keyRecoveryAgent | 9 |
clientAuth,emailProtection,digitalPersona | 1 |
clientAuth,emailProtection,EFS | 4 |
clientAuth,emailProtection,EFS,MS-docSigning | 1 |
clientAuth,emailProtection,EFS,MS-docSigning,Smartcardlogon,PIV-cardAuth,pivi-content-signing | 1 |
clientAuth,emailProtection,EFS,Smartcardlogon | 2 |
clientAuth,emailProtection,EFS,Smartcardlogon,MS-docSigning,AuthenticDocumentsTrust | 5 |
clientAuth,emailProtection,EFSRecovery,EFS,Smartcardlogon | 2 |
clientAuth,emailProtection,IPSECUser,EFS,EFSRecovery,MSkeyRecovery,enrollmentAgent,Smartcardlogon,PASSIM | 1 |
clientAuth,emailProtection,IPSECUser,Smartcardlogon,EFS,keyRecoveryAgent,MS-docSigning,ipsecIKE | 1 |
clientAuth,emailProtection,MS-docSigning | 41 |
clientAuth,emailProtection,MS-docSigning,AuthenticDocumentsTrust,Smartcardlogon | 1 |
clientAuth,emailProtection,MS-docSigning,EFS | 3 |
clientAuth,emailProtection,MS-docSigning,EFS,Smartcardlogon | 1 |
clientAuth,emailProtection,MS-docSigning,Entrust-docSigning | 1 |
clientAuth,emailProtection,Smartcardlogon | 4 |
clientAuth,emailProtection,Smartcardlogon,EFS,EFSRecovery,BitLocker | 1 |
emailProtection,BitLocker,EFSRecovery,EFS | 1 |
emailProtection,caExchange | 1 |
emailProtection,caExchange,keyRecoveryAgent | 10 |
emailProtection,clientAuth,EntrustEvent,EntrustUnknown,Smartcardlogon | 1 |
emailProtection,clientAuth,IPSECUser,EFS,EFSRecovery,MSkeyRecovery,enrollmentAgent,Smartcardlogon,PASSIM | 1 |
emailProtection,clientAuth,Smartcardlogon,EFS,EFSRecovery,BitLocker | 1 |
emailProtection,clientAuth,Smartcardlogon,MS-docSigning | 1 |
emailProtection,MS-docSigning | 3 |
emailProtection,MS-docSigning,AuthenticDocumentsTrust | 6 |
S/MIME Total | 445 |
Code Signing | |
codeSigning | 163 |
codeSigning,kernelModeCS | 2 |
codeSigning,msCodeCom | 1 |
codeSigning,OCSPSigning | 6 |
codeSigning,Symantec-EKUs | 1 |
codeSigning,timeStamping | 5 |
clientAuth,codeSigning | 7 |
clientAuth,codeSigning,emailProtection,timeStamping,MS-docSigning,AuthenticDocumentsTrust | 1 |
Code Signing Total | 186 |
Document Signing (not including S/MIME CAs) | |
MS-docSigning | 1 |
MS-docSigning,AuthenticDocumentsTrust | 17 |
AuthenticDocumentsTrust | 10 |
AuthenticDocumentsTrust,MS-docSigning | 3 |
clientAuth,AuthenticDocumentsTrust | 2 |
clientAuth,AuthenticDocumentsTrust,MS-docSigning | 3 |
clientAuth,Smartcardlogon,AuthenticDocumentsTrust | 2 |
Document Signing Total | 38 |
CAs with OCSP Signing EKU (not including serverAuth CAs) | |
OCSPSigning,clientAuth,emailProtection | 6 |
emailProtection,clientAuth,OCSPSigning,IPSECUser,EFS,EFSRecovery,MSkeyRecovery,enrollmentAgent,PASSIM | 1 |
clientAuth,emailProtection,OCSPSigning,eapOverLAN,EFS,EFSRecovery,MSkeyRecovery,enrollmentAgent,PASSIM | 1 |
clientAuth,emailProtection,OCSPSigning,EFS,EFSRecovery,MSkeyRecovery,enrollmentAgent,Smartcardlogon,PASSIM | 2 |
clientAuth,emailProtection,OCSPSigning,MS-docSigning | 3 |
clientAuth,emailProtection,OCSPSigning,MS-docSigning,EFS | 14 |
timeStamping,OCSPSigning | 4 |
timeStamping,OCSPSigning,AuthenticDocumentsTrust | 1 |
OCSP Signing Total | 32 |
Time Stamping (not including CAs with codesigning or OCSP Signing EKUs) | |
timeStamping | 56 |
timeStamping,AuthenticDocumentsTrust | 2 |
clientAuth,timeStamping | 1 |
clientAuth,emailProtection,timeStamping | 2 |
clientAuth,emailProtection,timeStamping,AuthenticDocumentsTrust,MS-docSigning | 1 |
Time Stamping Total | 62 |
Miscellaneous | |
BrandIndicatorforMessageID | 1 |
Miscellaneous Total | 1 |
Grand Total | 2962 |
Derived Trust Bits | Total |
Server Authentication | |
No EKU | 596 |
serverAuth | 38 |
serverAuth;clientAuth | 1106 |
serverAuth;clientAuth;codeSigning | 5 |
clientAuth;emailProtection;OCSP Signing;serverAuth;docSign | 1 |
serverAuth;clientAuth;emailProtection | 763 |
serverAuth;clientAuth;codeSigning;docSign;EFS;emailProtection;timeStamping | 19 |
serverAuth;clientAuth;codeSigning;docSign;IPSEC-IKE-interm;emailProtection;timeStamping | 8 |
serverAuth;clientAuth;codeSigning;docSign;emailProtection;timeStamping | 63 |
serverAuth;clientAuth;codeSigning;EFS;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 25 |
serverAuth;clientAuth;codeSigning;EFS;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping;docSign | 1 |
serverAuth;clientAuth;codeSigning;EFS;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 153 |
serverAuth;clientAuth;codeSigning;EFS;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping;docSign | 8 |
serverAuth;clientAuth;codeSigning;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 11 |
serverAuth;clientAuth;codeSigning;IPSEC-IKE-interm;emailProtection;timeStamping | 3 |
serverAuth;clientAuth;codeSigning;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 104 |
serverAuth;clientAuth;codeSigning;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping;EFS | 9 |
serverAuth;clientAuth;codeSigning;OCSP Signing;emailProtection;timeStamping | 21 |
serverAuth;clientAuth;codeSigning;emailProtection | 23 |
serverAuth;clientAuth;codeSigning;emailProtection;EFS;IPSEC-tunnel-term;IPSEC-user;timeStamping | 4 |
serverAuth;clientAuth;codeSigning;emailProtection;timeStamping | 217 |
serverAuth;clientAuth;docSign | 2 |
serverAuth;clientAuth;docSign;EFS;emailProtection;timeStamping | 7 |
serverAuth;clientAuth;docSign;EFS;timeStamping | 1 |
serverAuth;clientAuth;docSign;emailProtection | 23 |
serverAuth;clientAuth;docSign;emailProtection;timeStamping | 30 |
serverAuth;clientAuth;docSign;emailProtection;timeStamping;IPSEC-IKE-interm | 1 |
serverAuth;clientAuth;EFS;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 1 |
serverAuth;clientAuth;EFS;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 43 |
serverAuth;clientAuth;EFS;emailProtection;timeStamping | 2 |
serverAuth;clientAuth;IPSEC-end-system;IPSEC-tunnel-term;IPSEC-user | 1 |
serverAuth;clientAuth;IPSEC-end-system;IPSEC-tunnel-term;IPSEC-user;OCSP Signing | 1 |
serverAuth;clientAuth;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection | 4 |
serverAuth;clientAuth;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 2 |
serverAuth;clientAuth;IPSEC-IKE-interm;emailProtection;timeStamping | 5 |
serverAuth;clientAuth;IPSEC-IKE-interm;emailProtection;timeStamping;docSign | 2 |
serverAuth;clientAuth;OCSP Signing | 10 |
serverAuth;clientAuth;emailProtection;codeSigning;timeStamping | 1 |
serverAuth;clientAuth;emailProtection;timeStamping | 68 |
serverAuth;clientAuth;emailProtection;timeStamping;docSign | 2 |
serverAuth;emailProtection | 19 |
serverAuth Total | 3403 |
clientAuth | 128 |
clientAuth Total | 128 |
S/MIME | |
emailProtection | 34 |
clientAuth;emailProtection | 580 |
emailProtection;clientAuth;docSign | 65 |
emailProtection;clientAuth;EFS | 5 |
emailProtection;clientAuth;IPSEC-user;EFS | 1 |
emailProtection;docSign | 9 |
clientAuth;emailProtection;docSign;EFS | 8 |
clientAuth;emailProtection;IPSEC-user;EFS | 1 |
clientAuth;emailProtection;IPSEC-user;EFS;docSign | 1 |
clientAuth;docSign;IPSEC-tunnel-term;IPSEC-user;emailProtection | 4 |
clientAuth;emailProtection;timeStamping | 30 |
clientAuth;emailProtection;timeStamping;docSign | 1 |
S/MIME Total | 739 |
Code Signing (not including serverAuth CAs) | |
codeSigning | 176 |
codeSigning;clientAuth | 15 |
codeSigning;OCSP Signing | 6 |
codeSigning;emailProtection;timeStamping;docSign | 2 |
codeSigning;serverAuth;clientAuth;emailProtection;timeStamping | 1 |
codeSigning;timeStamping | 5 |
clientAuth;codeSigning;emailProtection | 91 |
clientAuth;codeSigning;emailProtection;timeStamping | 45 |
clientAuth;codeSigning;emailProtection;timeStamping;docSign | 1 |
clientAuth;codeSigning;emailProtection;timeStamping;serverAuth;EFS;IPSEC-tunnel-term;IPSEC-user | 2 |
Code Signing Total | 344 |
Document Signing | |
docSign | 21 |
clientAuth;docSign | 3 |
Document Signing Total | 24 |
OCSP Signing | |
OCSP Signing;clientAuth;emailProtection | 6 |
timeStamping;OCSP Signing | 5 |
clientAuth;emailProtection;OCSP Signing;docSign | 3 |
OCSP Signing Total | 14 |
Time Stamping | |
timeStamping | 59 |
clientAuth;timeStamping | 1 |
clientAuth;docSign;emailProtection;timeStamping | 3 |
clientAuth;EFS;IPSEC-IKE-interm;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping;IPSEC-end-system | 1 |
clientAuth;EFS;IPSEC-tunnel-term;IPSEC-user;emailProtection;timeStamping | 15 |
Time Stamping Total | 79 |
Total | 4731 |