by szszrk 435 days ago
It's probably a typo, but a user rather uses a short-lived cert, not a CA. A CA (certificate authority) issues a cert. The CA doesn't have to be (and likely isn't) in the user's full control.

Hosts answering to connections using that cert don't have to send anything back to the CA. They just need rules: "I trust this CA. If a user has a cert from it, and this precise combination of fields matches, I consider this user's response trustworthy".

1 comments

That's correct — the user obtains a short-lived SSH certificate (signed/issued by a CA).
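
The flow discussed in this thread, as an added example that is not from either commenter: a CA key signs a user's public key into a 5-minute OpenSSH certificate, and the host-side decision is a local comparison against the CA key it already trusts. The file names, the identity `alice@example`, the principal `alice` and the `TrustedUserCAKeys` path are assumptions made for the demo.

```shell
#!/bin/sh
# Constructed demo: throwaway keys in a temp dir; all names here are assumptions.
demo_dir=$(mktemp -d)

# CA side: create a CA key pair, then sign the user's public key.
# The user only ever holds user + user-cert.pub, never the CA private key.
issue_cert() {
    ssh-keygen -q -t ed25519 -N '' -C demo-ca -f "$demo_dir/ca"
    ssh-keygen -q -t ed25519 -N '' -C demo-user -f "$demo_dir/user"
    # -s CA key, -I key identity (logged by sshd), -n principals, -V validity window
    ssh-keygen -q -s "$demo_dir/ca" -I alice@example -n alice -V +5m \
        "$demo_dir/user.pub"
}

# Host side: the only CA material a host needs is the CA *public* key, e.g.
#   TrustedUserCAKeys /etc/ssh/trusted_user_ca.pub   (sshd_config; path assumed)
trusted_ca_fp() {
    ssh-keygen -l -f "$demo_dir/ca.pub" | awk '{print $2}'
}

# Fingerprint of the CA that signed the certificate, read from the cert itself.
cert_signing_ca_fp() {
    ssh-keygen -L -f "$demo_dir/user-cert.pub" | awk '/Signing CA:/ {print $4}'
}

# The host's decision in miniature: a purely local check, no call back to the CA.
# sshd itself also verifies the signature and the validity window.
host_would_trust() {
    [ "$(cert_signing_ca_fp)" = "$(trusted_ca_fp)" ] &&
        ssh-keygen -L -f "$demo_dir/user-cert.pub" | grep -qx '[[:space:]]*alice'
}

issue_cert && ssh-keygen -L -f "$demo_dir/user-cert.pub"
if host_would_trust; then
    echo "cert signed by trusted CA with expected principal"
fi
```
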