Bug#514807: statistics about V1 CA Certs / general assumptions about the state of the network

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Feb 20 04:47:45 UTC 2009


On 02/19/2009 04:42 PM, Simon Josefsson wrote:
> Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
> 
>> (is it even possible to transform a self-signed V1 cert into a
>> self-signed V3 cert?)
> 
> Not without re-signing it, which requires that certificates under the V1
> cert won't chain back to the V3 cert.  That's by design.

Thanks for the response!  Can you point me to a reference, Simon?  I'd
like to understand the details better, but don't know where to begin.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20090219/3c103be7/attachment-0001.pgp 


More information about the Pkg-gnutls-maint mailing list