You only need one.
In any event, my feeling is that a rogue CA (I include a CA which doesn't perform adequate verification in this category) is the greatest of the three risks I mentioned.
You only need one.
In any event, my feeling is that a rogue CA (I include a CA which doesn't perform adequate verification in this category) is the greatest of the three risks I mentioned.