That being said; an option to pin to the public key of a certain intermediate CA is far more useful, with the caveat of roll-over and broken/bouncing mail transfer.
You are betting on your CA still using the same intermediate CA the next time it issues you a certificate. I wouldn't count on that.
Thanks,
Yaron
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
