On Wed, 2010-09-29 at 16:39 -0600, Peter Saint-Andre wrote: > On 9/29/10 4:19 PM, Jim Schaad wrote: > > There was one case in the original text here that I was expecting to be > > kept. This was the case of the chain of certificates being changed from > > when it was originally presented. Given the suggestion that the chain is > > shown for advanced users (see 4.6.4) I am wondering about the fact that we > > are no longer looking at anything more that the terminal certificate at this > > point. > > Yes, that's important.
What is the benefit of caching the entire certification path? What attacks does it prevent? Mozilla PSM only caches the end-entity certificate, and if there is a problem with that approach, I would like to know about it. -- Matt _______________________________________________ certid mailing list [email protected] https://www.ietf.org/mailman/listinfo/certid
