apparently ZeroSSL has a cross-signed root until 2029 from AAA Certificate Services, which means it works from Windows 2000 and up - it was in the Microsoft Root Program by 2006.
curious if Win 2000 will actually validate it, since it contains a sha384 signature
I tried validating this hypothesis but the biggest hurdle is finding a server that hasn't dropped the SSL v2 handshake that is used in Win 2000
okay, no, windows 2000 can't validate it because it has no clue what the signature algorithm is
Windows XP should be able to do it technically, but is missing the AAA issuer - at least the modern.ie one
The PS3 actually supports TLS 1.2, and has a limited selection in the root trust store, making this an actual use case, albeit niche - considering you have a whooping 200 MB for your JS heap, and a whole 56 MB for page content, according to the web content guidelines.
