As Jeffrey Walton's comment, the standard is very malleable, making cert path validation a little unpredictable. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150406/b7517d7c/attachment.html>