Hi, > My understanding of what Jakob wrote is that he holds the key for a > subordinate CA. Unless the CA that "signed" that subordinate has > been removed from trust lists then that subordinate would still be > useful, yes.
The subordinate certificate is blacklisted in browsers. Furthermore, Mozilla does not accept any non-root certs with MD5 signatures since mid-2011. Ralph -- Ralph Holz I8 - Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/ Phone +49.89.289.18043 PGP: A805 D19C E23E 6BBB E0C4 86DC 520E 0C83 69B0 03EF _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
