Hi Nelson, Nelson Bolyard wrote: > Yes, there is a standard for certs that allows (but does not require) > "relying parties" to go search on the internet for missing intermediate CA > certs. Do you have the quote from the corresponding RFC for this? > But that standard does NOT relieve SSL servers of the obligation to > send their entire server cert chains Correct.
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Phone: +1.213.341.0390 _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security