@jpmens cert validation is a bit of a tricky mess in s/w because we the industry have not yet made it easy enough to register and renew them, not to mention trust anchors and collecting a decent amount of entropy. Yes, there’s acme and letsencrypt and EST and SCEP but it’s not enough, especially if we have applications on a device that intersect multiple trust domains.
Add comment