I configured a Windows CA and created a certificate template to issue certificates with ECDH_P384 keys:
Then I noticed that it's not possible to set the "Key Encipherment" key usage in the "Extensions" tab:
![2]](http://i.stack.imgur.com/0ysW5.png)
What is the reason behind this limitation?
Is it correct to say that the "Key Encipherment" key usage makes no sense when using ECDH since it's already a key agreement protocol?