On 31 okt. 2013, at 16:14, Arnaud Abélard <[email protected]> wrote:
> Hello, > > the IM Observatory reporting tool gives me a few > "Warning: Trusted root certificate is included in the chain." when checking > my certificate chain. > > I don't understand why the fact the root CA certificate is trusted and > included is raising a warning? > > I thought the usage was to include the whole certificate chain, did I get > that wrong? > > Thanks, > > Arnaud Hello Arnaud, The client already has that certificate (because it is trusted), so including it is not necessary. However, it will cause more overhead for the handshake (extra bytes to send and slightly more CPU usage). Of course, such a delay will be small and only happens once during a connection (it’s much worse for HTTPS), but in mobile clients every byte might count. :) Regards, Thijs
signature.asc
Description: Message signed with OpenPGP using GPGMail
