On 03/23/2009 08:13 PM, Nelson B Bolyard:
Perhaps PSM should have a feature, used at cert import time, that discovers that the chain is incomplete and offers, at that time, to go and fetch the missing certs in the chain via AIA.
Cold this be a solution which could be applied to Firefox as well in the error pages? Something like:
"The certificate appears to be signed by an unknown root. However the certificate indicates that it's chained to an issuer which is unknown. Shall Firefox try to fetch the issuer certificate?"
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
