Dave wrote:
Only a fool would accept a self-signed certificate
CA certificate is self-signed. Are you suggesting CA should cross sign each others certificates?