> No. LE has FIVE root certs. Maybe you can call it a split root. And you > have no way of knowing which one they use for any particular cert.
> And note the specifically say: "Our roots are kept safely offline." > So you can't even get the root to check it! "root" is ambiguous without context. The password for the real root is kept safely hidden. Most of the time when we say "root cert" we are talking about an intermediate cert that is contained in the collection of trusted certs distributed by distros. The current per-server "ca" supports self-signed certificates without installing a not-really trusted cert as trusted. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
