On 31.07.2013 16:47, Jakob Bohm wrote:
the Authority Information Access extension does not make any sense in root - self-signed - certs;the only cert that can't be checked by OCSP is the root cert itself;This is where I disagree, can you point me to an actual reason whynot, which is not refuted by my logical ABC argument above.
keep in mind: Google changes (or has already changed) the root cert. on their servers and this will not be noticed by any user in the world, because the Google Internet Authority is issued by another CA that has its root in the trusted cert store of (nearly) every system in the world;
Greetings, Walter
smime.p7s
Description: S/MIME Cryptographic Signature
