Ivan R. Judson wrote: >You could enable that rule by disallowing certs from the anonymous CA, if >that were an explosed functionality. (I'd expect to see it in future >releases ;-) > you can do that now, by just removing the anonymous CA cert from the server.