[All Lists] [By Thread] [By Date] [Previous] [Next]
From: Devorah
Subject: Who can issue certificates?
Date: 22 Elul 5781
My implementation verifies certificates. It checks signatures against issuer public keys.
Questions:
1. Where do I get the list of valid issuers? 2. Who decides which issuers are legitimate? 3. What if two issuers have conflicting policies?
For TLS, browsers ship with a list of trusted root CAs. The browser vendor decides. What is the equivalent for our system?
Thread: