On 01.08.2017 21:21, Ted Lemon wrote:
On Aug 1, 2017, at 2:53 PM, Walter H. <walte...@mathemainzel.info <mailto:walte...@mathemainzel.info>> wrote:wrong exact this is it; a PKI has at least a root CA and end entity certificates, and of course I never mentioned this, the browser does validate checks - either CRL or OCSP, and all this is meant by running a own PKI ....is there a problem, to have the organization that has the delegation of ".home.arpa." also provide such SSL certificatessigned by an intermediate that got signed by any CA?This is not how PKI works.
and this is not everyones thing to have this configured ...
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet