Would it be possible in NSS to use as a trusted CA something that is not a self signed certificate, therefore allowing to directly trust what is technically an intermediate CA ?
We discussed this issue in the past; query Google groups for "intermediate CA" in n.p.m.crypto and you'll see a number of messages relating to this topic. In particular, Bob Relyea has commented on this a number of times.
I'm sure Bob will correct me if I'm wrong, but I believe the answer is that it is possible to put an intermediate CA in the default set and mark it trusted. Whether or not it's a good idea to do that is another question.
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
