NTS: removed "not implemented" on server ca
Hal Murray
hmurray at megapathdsl.net
Wed Apr 3 11:51:09 UTC 2019
> No. LE has FIVE root certs. Maybe you can call it a split root. And you
> have no way of knowing which one they use for any particular cert.
> And note the specifically say: "Our roots are kept safely offline."
> So you can't even get the root to check it!
"root" is ambiguous without context. The password for the real root is kept
safely hidden. Most of the time when we say "root cert" we are talking about
an intermediate cert that is contained in the collection of trusted certs
distributed by distros.
The current per-server "ca" supports self-signed certificates without
installing a not-really trusted cert as trusted.
--
These are my opinions. I hate spam.
More information about the devel
mailing list