Xuelei Fan wrote:
Many, many Verisign root certs are V1, and the intermediate cert are V3.
I believe that is because many Verisign roots were issued in the late 1990's and perhaps v3 (published in 1996) had not gained enough support in the market yet.
I am wondering if you know if there are legitimate use cases of CAs still issuing v1/v2 root certificates? If not, I'm not sure it is really worth fixing this. Instead I would recommend fixing the regression test.
Thanks, Sean