Repeating it doesn’t make it any more true. Cert providers publish their root certs, you pin those root certs, zero problems.
Repeating it doesn’t make it any more true. Cert providers publish their root certs, you pin those root certs, zero problems.
Then the CA goes away, like Entrust. Huge problems. I speak (sadly) from experience.
They rotate those often enough.