CL 71030 enforced EKU nesting at verification time, to go along with the
change in name constraints behaviour. From scanning the Certificate
Transparency logs, it's clear that some CAs are not getting EKU nesting
correct.

This change relaxes the EKU rules in a few ways:
∙ EKUs in roots are no longer checked.
∙ Any CA certificate may issue OCSP responder certificates.
∙ The ServerAuth and SGC EKUs are treated as a single EKU when
checking nesting.
∙ ServerAuth in a CA can now authorise ClientAuth.
∙ The generic CodeSigning EKU can now authorise two Microsoft-specific
code-signing EKUs.
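
The relaxed rules listed above, written as a simplified model of the nesting check. This is an added example, not part of the commit or the Go project's code. Assumptions: `normalize`, `permits` and `nested` are hypothetical helpers, chains are ordered leaf first and root last, only EKUs explicitly listed in a child are checked, and the two Microsoft code-signing constants in `crypto/x509` are taken to be the ones the message means.

```go
package main

import (
	"crypto/x509"
	"fmt"
)

// normalize folds both SGC EKUs into ServerAuth so they compare as one EKU.
func normalize(u x509.ExtKeyUsage) x509.ExtKeyUsage {
	switch u {
	case x509.ExtKeyUsageMicrosoftServerGatedCrypto, x509.ExtKeyUsageNetscapeServerGatedCrypto:
		return x509.ExtKeyUsageServerAuth
	}
	return u
}

// permits reports whether a CA with EKU list ca authorises the usage want.
func permits(ca []x509.ExtKeyUsage, want x509.ExtKeyUsage) bool {
	if len(ca) == 0 || want == x509.ExtKeyUsageOCSPSigning {
		return true // CA has no EKU list, or any CA may issue OCSP responders
	}
	want = normalize(want)
	for _, have := range ca {
		have = normalize(have)
		switch {
		case have == x509.ExtKeyUsageAny, have == want:
			return true
		case have == x509.ExtKeyUsageServerAuth && want == x509.ExtKeyUsageClientAuth:
			return true // ServerAuth in a CA authorises ClientAuth
		case have == x509.ExtKeyUsageCodeSigning &&
			(want == x509.ExtKeyUsageMicrosoftCommercialCodeSigning ||
				want == x509.ExtKeyUsageMicrosoftKernelCodeSigning):
			return true // generic CodeSigning covers the Microsoft variants
		}
	}
	return false
}

// nested checks each child against its issuer; the root's EKUs are never read.
func nested(chain [][]x509.ExtKeyUsage) bool {
	for i := 0; i+2 < len(chain); i++ { // issuer index i+1 stops before the root
		for _, u := range chain[i] {
			if !permits(chain[i+1], u) {
				return false
			}
		}
	}
	return true
}

func main() {
	srv := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	// Constructed chains: leaf, intermediate, root.
	fmt.Println(nested([][]x509.ExtKeyUsage{{x509.ExtKeyUsageClientAuth}, srv, nil}))
	fmt.Println(nested([][]x509.ExtKeyUsage{{x509.ExtKeyUsageCodeSigning}, srv, nil}))
}
```

The asymmetry is deliberate in this model: a ServerAuth CA authorises ClientAuth, but a ClientAuth-only CA does not authorise ServerAuth.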