This policy setting allows you to specify enhanced key usage (EKU) values to be used in filtering a list of digital certificates ...

Office System 2010

This policy setting allows you to specify enhanced key usage (EKU) values to be used in filtering a list of digital certificates for signing Excel, PowerPoint, and Word documents. An enhanced key usage (EKU) extension to a digital certificate is a collection of one or more values that indicate how a certificate should be used. Examples of EKU values include Smart Card Logon and Client Authentication. EKU filtering allows you to filter the list of installed certificates that can be used for digitally signing documents. The filtered list will appear when users attempt to select a certificate for digitally signing a document. 

If you enable this policy setting, you can specify a list of object identifiers (OIDs) that represent acceptable EKUs for certificates used in conjunction with signed documents. For example, for a certificate with the Encrypting File System (1.3.6.1.4.1.311.10.3.4) identifier, the OID is 1.3.6.1.4.1.311.10.3.4. This list of appropriate OIDs will vary according to the specific certificates that the organization uses.  For a list of object IDs associated with Microsoft cryptography, see Microsoft Knowledge Base article 287547, "Object IDs associated with Microsoft cryptography" at http://officeredir.microsoft.com/r/rlidGPOIDAndCrypt2O14?clid=1033. 

If you disable or do not configure this policy setting, EKU filtering is not available.

This policy setting allows you to specify a location that is used as a trusted source for opening files in this application. ... This policy setting allows you to specify a path to save the Offline Address Book. This policy setting will apply to all ... This policy setting allows you to specify a requested or desired XAdES level in creating a digital signature. If you enable ... This policy setting allows you to specify an encryption type for Office Open XML files. If you enable this policy setting, ... This policy setting allows you to specify enhanced key usage (EKU) values to be used in filtering a list of digital certificates ... This policy setting allows you to specify exceptions to DisableCrossAccountCopy for certain programs and add-ins. With the ... This policy setting allows you to specify if a new encryption key should be used when the password is changed. If you enable ... This policy setting allows you to specify that only the default data file is upgraded on the first boot of Outlook. If you ... This policy setting allows you to specify the additional location of templates. If you enable this policy setting, you may ...