On 29/06/2012 17:45, Steingruebl, Andy wrote:
-Original Message-
From: Alexey Melnikov [mailto:alexey.melni...@isode.com]
Maybe this is not a good example, but I am thinking that something like
OCSP retrieval failing on the client side is not something that would
show up in the
Hi, thanks for your thoughts Yoav, apologies for latency,
I guess my issue with this..
..where this is denying the user the capability to click-through TLS/SSL
errors/warnings in all error cases..
..is because when I read the draft for the first
time, I thought this would be a good idea
Hi
It was my review that triggered this, so I'd like to explain my position.
There are several things that could be considered failures of the TLS layer:
1. Revoked certificate
2. No CRL/OCSP response
3. Expired certificate
4. Expired CRL (yes, I know NextUpdate is not expiry…)
5. Mismatch