Seth David Schoen <schoen at eff.org> writes: >The OCSP design presumably should require checking all the way up the cert >chain, but I guess people felt that that would add too much latency. Walking the chain won't make any difference, since it leads to a trusted root CA. Peter.