Open
Description
CertChecker.CheckCert
has a slightly confusing API, as it appears on the surface as the primary method on the type, but it doesn't actually authenticate the certificate at all, rather it validates the contents and should generally be called after CertChecker.Authenticate
. In particular the doc comment refers to checking "the signature of the certificate" is perhaps somewhat misleading, since this simply checks that the self-signature on the certificate is valid (both signature and key are attacker controlled, so don't actually impart any trust).
At the minimum we should update the doc comment to be clearer about what it actually does, and that it succeeding does not infer any trust.
cc @FiloSottile