Someone sent to me a signed email. The GW-Client says that I must decide whether or not to warrant a ca in the cert-path.

When I look at the path, it is as follows:

- "TC TrustCenter Universal CA I"
-- "TC TrustCenter Class 1 L1 CA IX" <-- this is what I shall warrant
--- "User Name (user.name@maildoma.in)"

So I thought it would be sufficient that the top-most (root-) certificate is valid. Why am I asked about the 2nd cert? And how could I warrant this for all GW-Users?