On Wed, Apr 1, 2026 at 6:53 PM Nico Williams <[email protected]> wrote:
> Though someone just wrote me off-list that: > > | I know at least of GlobalSign Client Authentication Root R45 and > | GlobalSign Client Authentication Root E45 (but have no experience with > | them). > | > | > https://support.globalsign.com/ca-certificates/root-certificates/globalsign-root-certificates > > So perhaps not all CAs have exited that market. But this is just their > root certificates; I've not yet found how to get a client certificate > from them nor how much it costs. That seems like research that might inform your future position on these matters. Multiple CAs are offering client auth certs under separate roots, and servers are welcome to trust the roots in question if they wish to participate in that particular PKI. Mike
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
