I don't believe SSL ever had an RFC defining the protocol. RFC 2246 does 
define TLS Proto Version 1.0. In the handshake message descriptions is:

"Section 7.4.2.  Server certificate
    ...
   certificate_list
        This is a sequence (chain) of X.509v3 certificates. The sender's
        certificate must come first in the list. Each following
        certificate must directly certify the one preceding it. Because
        certificate validation requires that root keys be distributed
        independently, the self-signed certificate which specifies the
        root certificate authority may optionally be omitted from the
        chain, under the assumption that the remote end must already
        possess it in order to validate it in any case.
    ..."

Looks like only the self-signed root may be omitted (in TLS). Darned if I 
can find the SSL specs I downloaded from Netscape so long ago.


Victor Probo


Dave Roberts wrote:
> The system believed it was 4/30/2002 11:27 PM, when Julien Pierre typed:
> 
> 
>>The SSL protocol specifies that the server must present
>>its entire certificate chain to the client, but this server is not doing
> 
> 
> Are you sure about this?  I'm working from memory here, but I thought
> the SSL spec did not mandate that the whole chain needed to be sent.
> (I'll try to look it up later).
> 
> It would be logical however to supply any intermediate CA's as the
> client may not have those on record, but the root CA should not have to
> be sent - particularly if it's a "known" CA.
> 
> AIUI Microsoft's IIS only supplies the end certificate by default.  Not
> that that has any bearing on standards at all. :)
> 
> - Dave.
> 


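The certificate_list rule quoted from RFC 2246 above (sender's certificate first, each following certificate directly certifies the one before it, self-signed root optional because the peer must already hold it) can be checked mechanically. The following is an added example, not code from this thread or from any of the products mentioned in it. It encodes and parses the Certificate handshake body in the wire format RFC 2246 section 7.4.2 defines (a 24-bit length-prefixed vector of 24-bit length-prefixed ASN.1Cert items) and applies the ordering and trust-anchor rules to a chain. To stay free of an ASN.1 parser, subject and issuer names are carried alongside each certificate; the DER byte strings, names, and the trust store are constructed placeholders, not real certificates.

```python
"""RFC 2246 7.4.2 certificate_list: wire format and chain-ordering rules.

Added example for this thread, not original code. SAMPLE_DER values are
constructed placeholders, not real X.509 DER; names are supplied separately
because this example deliberately avoids parsing ASN.1.
"""
from __future__ import annotations

MAX24 = (1 << 24) - 1


def _u24(n: int) -> bytes:
    """Encode a 24-bit big-endian length, as TLS uses for <0..2^24-1> vectors."""
    if not 0 <= n <= MAX24:
        raise ValueError("length does not fit in 24 bits")
    return n.to_bytes(3, "big")


def encode_certificate_list(certs: list[bytes]) -> bytes:
    """Build a TLS 1.0 Certificate handshake body:
    certificate_list<0..2^24-1> of ASN.1Cert<1..2^24-1>."""
    items = b""
    for c in certs:
        if len(c) == 0:
            raise ValueError("ASN.1Cert must be at least 1 byte")
        items += _u24(len(c)) + c
    return _u24(len(items)) + items


def parse_certificate_list(body: bytes) -> list[bytes]:
    """Inverse of encode_certificate_list; rejects truncation, trailing bytes
    and zero-length certificates rather than silently skipping them."""
    if len(body) < 3:
        raise ValueError("body shorter than certificate_list length prefix")
    total = int.from_bytes(body[:3], "big")
    if 3 + total != len(body):
        raise ValueError("certificate_list length does not match body")
    certs, pos, end = [], 3, 3 + total
    while pos < end:
        if pos + 3 > end:
            raise ValueError("truncated ASN.1Cert length")
        n = int.from_bytes(body[pos:pos + 3], "big")
        pos += 3
        if n == 0 or pos + n > end:
            raise ValueError("bad ASN.1Cert length")
        certs.append(body[pos:pos + n])
        pos += n
    return certs


def validate_chain(chain: list[tuple[str, str]],
                   trusted_roots: set[str]) -> tuple[str, bool]:
    """Apply the RFC 2246 ordering rule to (subject, issuer) pairs in wire order.

    Each certificate after the first must directly certify the one before it.
    The chain may stop at the last intermediate (root omitted) or include the
    self-signed root; either way the anchor must already be in trusted_roots,
    which is the RFC's "remote end must already possess it" assumption.
    Returns (anchor_subject, root_was_sent) or raises ValueError."""
    if not chain:
        raise ValueError("empty certificate_list")
    for i in range(1, len(chain)):
        _, prev_issuer = chain[i - 1]
        subject, _ = chain[i]
        if subject != prev_issuer:
            raise ValueError(
                f"cert {i} ({subject}) does not certify cert {i - 1} "
                f"(issuer {prev_issuer})")
    last_subject, last_issuer = chain[-1]
    if last_subject == last_issuer:
        # A self-signed root was sent; being on the wire makes it no more trusted.
        if last_subject not in trusted_roots:
            raise ValueError(f"presented root {last_subject} is not trusted")
        return last_subject, True
    if last_issuer not in trusted_roots:
        raise ValueError(
            f"chain ends at {last_issuer}, not a trusted root (missing intermediate?)")
    return last_issuer, False


def raises_value_error(fn, *args) -> bool:
    """Helper so callers can check rejection paths without try/except."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


# Constructed sample chain in wire order: leaf, intermediate, self-signed root.
SAMPLE_NAMES = [
    ("CN=www.example.test", "CN=Example Intermediate CA"),
    ("CN=Example Intermediate CA", "CN=Example Root CA"),
    ("CN=Example Root CA", "CN=Example Root CA"),
]
SAMPLE_DER = [b"\x30\x82\x01\x00leaf", b"\x30\x82\x02\x00intermediate",
              b"\x30\x82\x03\x00root"]
TRUSTED_ROOTS = {"CN=Example Root CA"}

if __name__ == "__main__":
    body = encode_certificate_list(SAMPLE_DER)
    assert parse_certificate_list(body) == SAMPLE_DER
    print("root omitted:", validate_chain(SAMPLE_NAMES[:2], TRUSTED_ROOTS))
    print("root sent:   ", validate_chain(SAMPLE_NAMES, TRUSTED_ROOTS))
    print("leaf only rejected:", raises_value_error(validate_chain, SAMPLE_NAMES[:1], TRUSTED_ROOTS))
    print("reversed rejected: ", raises_value_error(validate_chain, SAMPLE_NAMES[::-1], TRUSTED_ROOTS))
```

The leaf-only case models a server that sends just its own certificate: the chain is well-formed on the wire but cannot be validated unless the client happens to hold the intermediate, which is the situation the thread is arguing about.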