Kathleen, Some NSS built-in roots are cross-certified by other built-in roots.
When an intermediate cert chains to multiple roots, does it need to be disclosed multiple times (once for each root)?
Or, if it only needs to be disclosed once, then how should we determine which CA is responsible for disclosing? (Shortest chain, perhaps?)
Thanks. -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy