https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
Users of Mozilla Firefox that are concerned about this issue should enable
security.OCSP.require in the about:config dialog.
How can i enable this feature in Google Chrome/Chromium?
--
users
On Thu, Mar 24, 2011 at 07:58:48 -0700,
johhny_at_poland77 johhny_at_polan...@zoho.com wrote:
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
Users of Mozilla Firefox that are concerned about this issue should enable
On Thu, 2011-03-24 at 13:29 -0500, Bruno Wolff III wrote:
On Thu, Mar 24, 2011 at 07:58:48 -0700,
johhny_at_poland77 johhny_at_polan...@zoho.com wrote:
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
Users of Mozilla Firefox that
On Thu, Mar 24, 2011 at 14:16:49 -0430,
Patrick O'Callaghan pocallag...@gmail.com wrote:
Wierd advice IMHO. There are a number of practical reasons for not
checking CRLs (Certificate Revocation Lists) all the time, but sending
cert serial numbers to the CA is not among them. The serial
On Thu, 2011-03-24 at 14:10 -0500, Bruno Wolff III wrote:
On Thu, Mar 24, 2011 at 14:16:49 -0430,
Patrick O'Callaghan pocallag...@gmail.com wrote:
Wierd advice IMHO. There are a number of practical reasons for not
checking CRLs (Certificate Revocation Lists) all the time, but sending
On Thu, Mar 24, 2011 at 15:12:56 -0430,
Patrick O'Callaghan pocallag...@gmail.com wrote:
Even if that's true, it doesn't belie what I just said. If you don't
trust the CA, don't use their services at all.
There is a difference between trusting them to certify a site and to not
resell data