A major shift is coming to TLS:
Public CAs (like Let's Encrypt and DigiCert) will stop including clientAuth EKU in certs.
➡️ mTLS using public certs will fail — at renewal, not immediately.
What to check + how to prepare: https://t.co/Z1WNDLLpfL
#opensource#security