On Sat, May 31, 2014 at 7:44 AM, Andrew McGlashan wrote: > Does Chromium suffer from the Google decision to make use of OCSP > impossible? Therefore, an untrustworthy browser.
Basically, the answer is the design of certificate revocation is fundamentally flawed, and Google have their own security model: http://www.imperialviolet.org/2012/02/05/crlsets.html That should not in any way lead to the conclusion that chromium or google chrome are untrustworthy. It just means that Google uses an alternative approach to a fundamentally unsolvable problem. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CANTw=MP84m0OdYFSaZb2EZypRU4yfdSWYHXfOKPQAy=vi1c...@mail.gmail.com