This new paper compares the behavior of several different TLS client implementations in accepting or rejecting server authentication certificates:
https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf

Discrepancies in different implementations' decisions often pointed to bugs!

I've written to ask if we can get their code or if they'd like to run a similar test using data from the Observatory.

-- 
Seth Schoen <[email protected]>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
