Nelson Bolyard wrote [in part]:
> I think we need to amend the policy to require this, and amend the list
> of required documentation to support the application so that the CA's
> intermediate CA certs, if any, will also be made available for inspection.
> 
> Comments?
> 

I encountered a situation in which a bank's Web site was secured by a
chain of certificates, two of which were intermediate certificates
controlled by third parties (not by the CA whose root certificate was at
the top of the chain).  In this case, inspecting the CA's intermediate
certificates would not be sufficient since the CA does not own or
control the intermediate certificates.

See my bug #376853 at
<https://bugzilla.mozilla.org/show_bug.cgi?id=376853>.

-- 

David E. Ross
<http://www.rossde.com/>.

Anyone who thinks government owns a monopoly on inefficient, obstructive
bureaucracy has obviously never worked for a large corporation. © 1997
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
