On 06/06/17 18:39, Andrew Ayer wrote:
<snip>
I'm trying to better understand under which circumstances such
certificates would end up in the log - when would a log add a
non-self-signed certificate as a trust anchor?
I don't know, but I have seen such certificates added as "roots" in
existing RFC6962 logs. It's also interesting that RFC6962-bis changed
the language from "root" to "trust anchor" which suggests this
practice was intended to be explicitly supported. What was the motivation
behind this language change?
https://trac.ietf.org/trac/trans/ticket/102
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
