> On 18 Jun 2016, at 22:16, Yaron Sheffer <[email protected]> wrote: > >> >> That being said; an option to pin to the public key of a certain >> intermediate CA is far more useful, with the caveat of roll-over and >> broken/bouncing mail transfer. >> > > You are betting on your CA still using the same intermediate CA the next time > it issues you a certificate. I wouldn't count on that.
I'm not. Specifically that is one of the issues I meant to address by writing "with the caveat oif roll-over and broken/bouncing mail transfer". Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
