On Tue, Jun 9, 2015, at 07:57 PM, Viktor Dukhovni wrote: > This requires some operational discipline, but avoids trusting third parties.
If I also control the CA, which in this case I do, I gather that point is moot. Still, the FP method seems cleaner in this case.
