Gervase Markham wrote: > > IE will also have a similar problem, but only if it has never > encountered a correctly-configured web server (i.e. it caches > intermediate certs). So IE in new installs of Windows will also have the > problem. > > This is not correct! IE fetches the intermediate CA if it finds a CA issuer extension within the subscriber certificate, which isn't really by any RFC, but nevertheless very useful! Many server installations are missing the intermediate CA files and IE gets around this problem in this way...Something to consider for Mozilla Firefox?
At our CA, we have a robot checking for missing ICA certificates....and send an appropriate message to the subscriber... -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Phone: +1.213.341.0390 _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security