[android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread nlsp
This boils down to whether it is okay to prioritize availability over security. Still, the actual question remains: does the android browser support CRL or OCSP in any form? And since CRLs can be cached, it would be perfectly sane to have a cached CRL on device for an intermediate that has been

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread Chris Palmer
On Thu, Sep 8, 2011 at 9:33 AM, nlsp niels.po...@gmail.com wrote: This boils down to whether it is okay to prioritize availability over security. Availability is a security guarantee just like confidentiality or integrity. Still, the actual question remains: does the android browser support

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread Geremy Condra
On Thu, Sep 8, 2011 at 10:12 AM, Chris Palmer snackypa...@gmail.com wrote: On Thu, Sep 8, 2011 at 9:33 AM, nlsp niels.po...@gmail.com wrote: This boils down to whether it is okay to prioritize availability over security. Availability is a security guarantee just like confidentiality or

[android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread nlsp
On Sep 8, 7:12 pm, Chris Palmer snackypa...@gmail.com wrote: On Thu, Sep 8, 2011 at 9:33 AM, nlsp niels.po...@gmail.com wrote: This boils down to whether it is okay to prioritize availability over security. Availability is a security guarantee just like confidentiality or integrity. I

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread polishcode
On 2011-09-08 20:02, nlsp wrote: On Sep 8, 7:12 pm, Chris Palmer snackypa...@gmail.com wrote: On Thu, Sep 8, 2011 at 9:33 AM, nlsp niels.po...@gmail.com wrote: This boils down to whether it is okay to prioritize availability over security. Availability is a security guarantee just like

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread Kevin Chadwick
On Thu, 08 Sep 2011 20:37:46 +0200 polishcode wrote: On the other hand, Opera browser does not contain info on CAs. In order to check a certificate path, it consults Opera's server, which is a central (and the only one) place to hold such info. Does it use a secure connection for this?

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread polishcode
On 2011-09-08 22:12, Kevin Chadwick wrote: On Thu, 08 Sep 2011 20:37:46 +0200 polishcode wrote: On the other hand, Opera browser does not contain info on CAs. In order to check a certificate path, it consults Opera's server, which is a central (and the only one) place to hold such info. Does

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread Kevin Chadwick
On Thu, 08 Sep 2011 21:23:50 +0200 polishcode polishc...@gmail.com wrote: Please refer to the link I supplied above: http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2. What else could it transmit? Everything or nothing. False sense of security is

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-09-08 Thread polishcode
On 2011-09-08 22:36, Kevin Chadwick wrote: On Thu, 08 Sep 2011 21:23:50 +0200 polishcode polishc...@gmail.com wrote: Please refer to the link I supplied above: http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2. What else could it transmit? Everything

[android-security-discuss] Re: OCSP/CRL support during SSL

2011-08-30 Thread Pandit
It just occurred again recently, with another CA vendor broken into again (DigiNotar). Having OCSP/CRL will help. I have a question. Does Android's Web browser support OCSP/CRL? Thank you, -Pandit On Aug 21, 11:37 pm, Miles miles_christ...@yahoo.com wrote: Just wanted to confirm if it does.

Re: [android-security-discuss] Re: OCSP/CRL support during SSL

2011-08-30 Thread Chris Palmer
Having OCSP/CRL will help. Actually, that is not at all clear. http://www.imperialviolet.org/2011/03/18/revocation.html http://www.ietf.org/mail-archive/web/websec/current/msg00296.html Compound the generally low reliability and performance of CAs' OCSP and CRL endpoints, multiply that times