<i>KeyUsage status flags are ignored.
<p>From Engineering Security, Peter Gutmann:
<p>A European government CA marked its signing certificates as being valid for encryption only, but no-one noticed.
<p>Another European CA marked its signature keys as not being valid for signatures.
<p>A different CA marked its own trusted root certificate as being invalid for certificate signing.
<p>Another national CA distributed a certificate to be used to encrypt data for the country’s tax authority that was marked as only being usable for digital signatures but not for encryption.
<p>Yet another CA reversed the order of the bit flags in the keyUsage due to confusion over encoding endianness, essentially setting a random keyUsage in certificates that it issued.
<p>Another CA created a self-invalidating certificate by adding a certificate policy statement stipulating that the certificate had to be used strictly as specified in the keyUsage, and a keyUsage containing a flag indicating that the RSA encryption key could only be used for Diffie-Hellman key agreement.</i>
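<p>The anecdotes above all come down to two things a relying party could check but usually does not: how the keyUsage BIT STRING is actually encoded, and whether the bits that are set make sense for the key type and for what the certificate is supposed to do. The following is an added example written for this page, not code from Gutmann's book or from any CA or library it mentions. It uses only the Python standard library; the DER handling is limited to short-form lengths, which is all a KeyUsage value ever has, and the function names, the <code>REQUIRED_FOR</code> table and the sample inputs are this example's own constructions.

```python
# Added example (not from the page or from Engineering Security): encode and
# decode the X.509 KeyUsage BIT STRING, reproduce the bit-order bug from the
# text, and check a decoded usage against the key type and intended use.
# Names and tables below are this example's own assumptions.

# RFC 5280 4.2.1.3 named bits; bit 0 is the MSB of the first content octet.
KEY_USAGE_BITS = (
    "digitalSignature",   # 0
    "nonRepudiation",     # 1 (later renamed contentCommitment)
    "keyEncipherment",    # 2
    "dataEncipherment",   # 3
    "keyAgreement",       # 4
    "keyCertSign",        # 5
    "cRLSign",            # 6
    "encipherOnly",       # 7
    "decipherOnly",       # 8
)
BIT_INDEX = {name: i for i, name in enumerate(KEY_USAGE_BITS)}

# For each intended use, at least one of these bits must be set (assumed policy).
REQUIRED_FOR = {
    "signature":  {"digitalSignature", "nonRepudiation"},
    "encryption": {"keyEncipherment", "dataEncipherment", "keyAgreement"},
    "ca":         {"keyCertSign"},
}


def encode_key_usage(names):
    """DER-encode a set of KeyUsage names: bit 0 is the MSB of the first
    octet (X.690 8.6.2); trailing zero bits are dropped and counted in the
    unused-bits octet, as DER requires."""
    bits = sorted(BIT_INDEX[n] for n in names)
    if not bits:
        return bytes([0x03, 0x01, 0x00])          # empty BIT STRING
    nbytes = bits[-1] // 8 + 1
    content = bytearray(nbytes)
    for b in bits:
        content[b // 8] |= 0x80 >> (b % 8)
    unused = 8 * nbytes - (bits[-1] + 1)
    return bytes([0x03, nbytes + 1, unused]) + bytes(content)


def encode_key_usage_lsb_first(names):
    """The bit-order bug from the text: the same names written LSB-first
    (bit 0 = 0x01). The output still parses, but as an unrelated set of
    usages. Deliberately wrong; for demonstration only."""
    bits = sorted(BIT_INDEX[n] for n in names)
    nbytes = bits[-1] // 8 + 1
    content = bytearray(nbytes)
    for b in bits:
        content[b // 8] |= 1 << (b % 8)
    return bytes([0x03, nbytes + 1, 0x00]) + bytes(content)


def decode_key_usage(der):
    """Decode a DER KeyUsage value into the set of named bits. Raises
    ValueError on malformed input, including non-zero padding bits."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("bad length")
    unused, content = der[2], der[3:]
    if unused > 7 or (unused and not content):
        raise ValueError("bad unused-bits octet")
    if unused and content[-1] & ((1 << unused) - 1):
        raise ValueError("padding bits must be zero in DER")
    names = set()
    for i in range(8 * len(content) - unused):
        if content[i // 8] & (0x80 >> (i % 8)):
            if i >= len(KEY_USAGE_BITS):
                raise ValueError("unknown KeyUsage bit %d" % i)
            names.add(KEY_USAGE_BITS[i])
    return names


def is_valid_key_usage_der(der):
    try:
        decode_key_usage(der)
        return True
    except ValueError:
        return False


def check_key_usage(usage, key_algorithm, intended):
    """List the inconsistencies between a decoded usage, the key type
    ("RSA", "EC" or "DH") and the intended use; empty list means consistent."""
    problems = []
    required = REQUIRED_FOR[intended]
    if not usage & required:
        problems.append("%s use needs one of %s, got %s"
                        % (intended, sorted(required), sorted(usage) or "none"))
    if key_algorithm == "RSA" and "keyAgreement" in usage:
        problems.append("RSA keys cannot do key agreement")
    if key_algorithm == "DH" and usage & {"digitalSignature", "nonRepudiation",
                                          "keyCertSign", "cRLSign", "keyEncipherment"}:
        problems.append("DH keys can neither sign nor encipher keys")
    if usage & {"encipherOnly", "decipherOnly"} and "keyAgreement" not in usage:
        problems.append("encipherOnly/decipherOnly are undefined without keyAgreement")
    return problems


if __name__ == "__main__":
    # Constructed inputs mirroring the anecdotes in the text.
    for label, usage, alg, intended in [
        ("signing cert marked encryption only", {"keyEncipherment"}, "RSA", "signature"),
        ("root CA without keyCertSign", {"digitalSignature"}, "RSA", "ca"),
        ("encryption cert marked signature only", {"digitalSignature"}, "RSA", "encryption"),
        ("RSA key restricted to key agreement", {"keyAgreement"}, "RSA", "encryption"),
        ("sane CA", {"keyCertSign", "cRLSign"}, "RSA", "ca"),
    ]:
        print(label, "->", check_key_usage(usage, alg, intended) or "OK")
    ca = {"keyCertSign", "cRLSign"}
    print("LSB-first bug:", ca, "decodes as", decode_key_usage(encode_key_usage_lsb_first(ca)))
```

Two details worth noticing when running it. A real CA certificate's keyUsage is the four bytes <code>03 02 01 06</code> (keyCertSign and cRLSign, one padding bit); written LSB-first the same two names become <code>03 02 00 60</code>, which decodes cleanly as nonRepudiation plus keyEncipherment, so the CA's own certificate silently stops being a CA certificate, which is the "essentially random keyUsage" outcome the text describes. And the last anecdote is not a parsing bug at all: <code>{"keyAgreement"}</code> satisfies the "encryption" requirement, yet the checker still rejects it for an RSA key, because the consistency check has to look at the key algorithm and not only at the bits.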