On Tue, 2014-09-09 at 15:28 +0200, Reindl Harald wrote: > Am 09.09.2014 um 08:26 schrieb Adam Williamson: > > certificate_list > > This is a sequence (chain) of certificates. The sender's > > certificate MUST come first in the list. Each following > > certificate MUST directly certify the one preceding it. Because > > certificate validation requires that root keys be distributed > > independently, the self-signed certificate that specifies the root > > certificate authority MAY be omitted from the chain, under the > > assumption that the remote end must already possess it in order to > > validate it in any case > > sure?
Well, I mean, that's what's written down in the RFC, you can go read it for yourself. I'm not setting myself up as the world's leading authority on TLS, I need at least another fifteen minutes of googling before I do that. ;) -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
