On 2014-09-17 09:25, Gervase Markham wrote:
A short-lived cert _without_ an OCSP URI also works with legacy browsers. Unless you are using some other definition of "works"?
A browser could perfectly reject a certificate that doesn't comply with the BR because the required OCSP URI is missing.
Kurt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
