x509 v1 certificate
Werner Koch
wk at gnupg.org
Mon Sep 25 16:20:32 CEST 2006
On Mon, 25 Sep 2006 15:08, Kazu Yamamoto (山本和彦) said:
> Because verisign's root certificates are v1 which are widely accepted.
Isn't that the company who once issue a certificate for MICROS0FT.COM :-)
To be fair it doesn't matter which CA issues bogus certificates as in
general all 100 and more root certificates are implicitly
cross-certified.
I consider a per root CA flag to allow relaxing some checks.
Salam-Shalom,
Werner
More information about the Gnupg-devel
mailing list