[security-dev 00885]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate
Sean Mullan
Sean.Mullan at Sun.COM
Mon Jun 8 16:25:16 UTC 2009
Xuelei Fan wrote:
> Many, many Verisign root certs are V1, and the intermediate cert are V3.
I believe that is because many Verisign roots were issued in the late 1990's and
perhaps v3 (published in 1996) had not gained enough support in the market yet.
I am wondering if you know if there are legitimate use cases of CAs still
issuing v1/v2 root certificates? If not, I'm not sure it is really worth fixing
this. Instead I would recommend fixing the regression test.
Thanks,
Sean
More information about the security-dev
mailing list