x509 v1 certificate

Werner Koch wk at gnupg.org
Mon Sep 25 16:20:32 CEST 2006

On Mon, 25 Sep 2006 15:08, Kazu Yamamoto (山本和彦) said:

> Because verisign's root certificates are v1 which are widely accepted.

Isn't that the company who once issue a certificate for MICROS0FT.COM :-)

To be fair it doesn't matter which CA issues bogus certificates as in
general all 100 and more root certificates are implicitly

I consider a per root CA flag to allow relaxing some checks.



More information about the Gnupg-devel mailing list