Marc Sherman wrote: > Having said that, the apparent implementation does seem sane WRT PKI > theory, and everything we want to do (such as trusting only a subset of > certs signed by the trusted roots) can be done with a combination of > this implementation and ACL conditions, so this sounds like it's just a > bug in the docs, probably. Philip?
That's always a possibility. Either there's a bug in the implementation or a bug in the docs. Either way it's worth noting I guess, given that the case of a certificate file that contains just the peer certificate, without it's associated root CA, seems to fail. Cheers, Leon -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
