[security-dev 00885]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate (original) (raw)

Sean Mullan Sean.Mullan at Sun.COM
Mon Jun 8 16:25:16 UTC 2009

• Previous message (by thread): [security-dev 00882]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate
• Next message (by thread): [security-dev 00886]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Xuelei Fan wrote:

Many, many Verisign root certs are V1, and the intermediate cert are V3.

I believe that is because many Verisign roots were issued in the late 1990's and perhaps v3 (published in 1996) had not gained enough support in the market yet.

I am wondering if you know if there are legitimate use cases of CAs still issuing v1/v2 root certificates? If not, I'm not sure it is really worth fixing this. Instead I would recommend fixing the regression test.

Thanks, Sean

• Previous message (by thread): [security-dev 00882]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate
• Next message (by thread): [security-dev 00886]: Re: CR 6847459 Created, P3 java/classes_secu Allow trust anchor self-issued intermediate version 1 and version 2 certificate
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the security-dev mailing list