An X509 certificate contains the following information:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Which of the following statements are true regarding the certificate? (Choose THREE correct answers.)
A. This certificate belongs to a certification authority.
B. This certificate may be used to sign certificates of subordinate certification authorities.
C. This certificate may never be used to sign any other certificates.
D. This certificate may be used to sign certificates that are not also a certification authority.
E. This certificate will not be accepted by programs that do not understand the listed extension.
ANSWERS Correct is ABD
B and C are wrong, A and D are correct, no idea about E. Expl.: man x509v3_config -> search for pathlen (wrt B and D), CA: true means this is a CA (A) and of course can end user certificates be signed (C)