The site is https://paiement.webaffaires.org/.
The problem is quite problably connected to the fact the root used is a very old RSA root (from 1994), that uses md2 and a 1000 bit rsa key.
I doubt it. If I'm not mistaken, that root CA is used for Verisign's less-expensive "Secure Site" SSL server certs, as opposed to their
more expensive "Secure Site Pro" certs.
Don't ask me why Verisign still uses that root.
Um, maybe because it's still valid, and is the most widely recognized SSL server root CA cert in existence ? IINM, that cert appeared in the first version of Netscape Navigator that featured SSL.
Also, this root CA doesn't use any intermediate CA certs. The root issues the SSL server certs directly. That's required for SSL2 certs, because the SSL2 protocol has no way to transmit intermediate CA certs.
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
