Work around GTE CyberTrust/Baltimore CyberTrust cross-signing issues

net/data/ssl/certificates/README

Index: net/data/ssl/certificates/README
diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README
index d5f53878397dcb6b7ea8be15643f1789f453b082..46a3d2614806dbc45a7c5560fc6dca4ea48577bf 100644
--- a/net/data/ssl/certificates/README
+++ b/net/data/ssl/certificates/README
@@ -171,3 +171,17 @@ unit tests.
      present). Since codeSigning is not valid for web server auth, the checks
      should fail.
 
+- cybertrust_gte_root.pem
+- cybertrust_baltimore_root.pem
+- cybertrust_omniroot_chain.pem
+- cybertrust_baltimore_cross_certified_1.pem
+- cybertrust_baltimore_cross_certified_2.pem
+     These certificates are reflect a portion of the CyberTrust (Verizon
+     Business) CA hierarchy. _gte_root.pem is a legacy 1024-bit root that is
+     still widely supported, while _baltimore_root.pem reflects the newer
+     2048-bit root. For clients that only support the GTE root, two versions
+     of the Baltimore root were cross-signed by GTE, namely
+     _cross_certified_[1,2].pem. _omniroot_chain.pem contains a certificate
+     chain that was issued under the Baltimore root. Combined, these
+     certificates can be used to test real-world cross-signing; in practice,
+     they are used to test certain workarounds for OS X's chain building code.