On Thu, 09 Aug 2012 09:18:00 +0200 Moritz Grimm <mgmlist...@mrsserver.net> wrote:
> You always put trust into the whole chain (that's why you need
> intermediate certs in the first place), starting with your trusted
> root. If that trust turns out to be misplaced in any one of the
> components (root, intermediate, server), you lose.

For a server certificate you can generally only lose inasmuch as that server or domain name is concerned. But for misplaced trust in an intermediate cert with certificate-signing capability, you lose big-time, because that cert can be used to sign a server cert for any domain whatsoever.

My hope was to obviate the very human risk on my part of trusting an intermediate cert that I didn't mean to trust by finding a place where I could safely cache arbitrary intermediate certs just in case they are needed to build a validation chain to the root, but without according any trust to these certs on the basis of their presence in the cache. As if I used the "-untrusted" switch on "openssl verify".
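
Added example, not part of the original message: a throwaway PKI showing that certificates passed to `openssl verify` with `-untrusted` only help build a chain and are never trust anchors. All file names, subjects and the helper functions `mk`, `check` and `untrusted_cache_demo` are assumptions made up for this demonstration.

```shell
#!/bin/sh
# Constructed throwaway PKI: every name, subject and file here is made up for this example.
mk() {  # mk NAME EXTFILE [ISSUER]: new key and cert, self-signed when ISSUER is omitted
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
        -subj "/CN=demo-$1" >/dev/null 2>&1 || return 1
    if [ -n "$3" ]; then
        openssl x509 -req -in "$1.csr" -CA "$3.pem" -CAkey "$3.key" -set_serial 1 \
            -days 2 -extfile "$2" -out "$1.pem" >/dev/null 2>&1
    else
        openssl x509 -req -in "$1.csr" -signkey "$1.key" -days 2 \
            -extfile "$2" -out "$1.pem" >/dev/null 2>&1
    fi
}

check() {  # check LEAF [verify options...]: print "ok" or "fail" for one verification
    leaf=$1; shift
    if openssl verify "$@" "$leaf" >/dev/null 2>&1; then echo ok; else echo fail; fi
}

untrusted_cache_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
        printf 'basicConstraints=CA:FALSE\n' > leaf.ext
        # The hierarchy the verifier actually trusts: root -> int -> site.
        mk root ca.ext && mk int ca.ext root && mk site leaf.ext int || exit 1
        # A parallel hierarchy the verifier never chose to trust.
        mk rogue ca.ext && mk rogueint ca.ext rogue && mk fake leaf.ext rogueint || exit 1
        # The cache holds every CA cert seen so far, including the rogue ones.
        cat int.pem rogueint.pem rogue.pem > cache.pem
        a=$(check site.pem -CAfile root.pem -untrusted cache.pem)  # chain reaches root
        b=$(check fake.pem -CAfile root.pem -untrusted cache.pem)  # chain ends at rogue
        c=$(check site.pem -CAfile root.pem)                       # intermediate missing
        echo "$a $b $c"
    )
    rc=$?
    rm -rf "$dir"
    return $rc
}

untrusted_cache_demo
```

The rogue intermediate and rogue root sit in the same cache file as the legitimate intermediate, yet only the chain ending at the root given with `-CAfile` verifies.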