Section 13.2.1.1 permits self-signed certificates and says that "Self-signed certificates must be explicitly trusted by validators."
Yes, that sentence is wording confusingly. It should read, “For a self-signed certificate to be trusted, it must be known and trusted explicitly by the validator. Self-signed certificates should never appear on a trust list.”
From JPEG Fake Media:
Yes, that sentence is wording confusingly. It should read, “For a self-signed certificate to be trusted, it must be known and trusted explicitly by the validator. Self-signed certificates should never appear on a trust list.”