On 17/11/16 15:56, Bruce Morton wrote: > [BM] To avoid a relationship with an attacker the CA could have an > "enterprise" relationship with the Subscriber. So if I'm a big corporation, I need to have enterprise relationships with every CA, to prevent an attacker setting up a relationship with that CA and pretending to be me? Gerv