In general, the root of a chain is often "out of band" and you don't send it. The receiving party gets a cert chain, and validates everything to make sure that it lists up to a root that is in their local trust store. They maintain and decide what's in that trust store, via out-of-band mechanisms. So while it could be an issue, in overall practice it usually isn't.
Hope this helps. _______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
