The User ID of the certificate is ultimately valid (i.
e., usually the certificate belongs to the local user themselves).