allow other status mechanisms to use the same OID

c2bo · c2bo · commit f13540dc178e · 2025-04-10T11:04:13.000-07:00
diff --git a/draft-ietf-oauth-status-list.md b/draft-ietf-oauth-status-list.md
@@ -904,6 +904,7 @@ The following is a non-normative example for media type `application/json`:
 ## Extended Key Usage Extension {#eku}
 
 {{RFC5280}} specifies the Extended Key Usage (EKU) X.509 certificate extension for use on end entity certificates. The extension indicates one or more purposes for which the certified public key is valid. The EKU extension can be used in conjunction with the Key Usage (KU) extension, which indicates the set of basic cryptographic operations for which the certified key may be used. A certificate's issuer explicitly delegates Status List Token signing authority by issuing a X.509 certificate containing the KeyPurposeId defined below in the extended key usage extension.
+Other specifications MAY choose to re-use this OID for other status mechanisms.
 
 The following OID is defined for usage in the EKU extension
 
