I've heard that in the X.509 world, the certificate subject attribute is supposed to be unique... and that if someone has multiple trusted roots with the same subject (but still different in other ways) that it is an unusual use case that needs to be reviewed further.
Is this stance documented somewhere?
