On 01/06/2009 04:51 AM, Julien R Pierre - Sun Microsystems:
It seems to me also that a self-signed certificate marked as a trust anchor, ie. a root, probably shouldn't have an AIA extension. At least it wouldn't make much sense for it to point to any OCSP responder, since the root cannot revoke itself - there is no one above the root to revoke it.
Haven't we discussed this just recently? I think Paul was part of the discussion, no?
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto