Hi all,
I have a path validation/hierarchy question - specifically wondering
about the path validation problems incurred on various clients. (I
realize there's no definite answer besides test it on all the clients
you care about.)
Imagine a four-cert hierarchy R - A - B - L (Root, Leaf, and
(CC-ing DD as I found this bug he reported asking about the same
thing: https://bugzilla.mozilla.org/show_bug.cgi?id=908046)
On 17 July 2014 07:33, Patrick McManus pmcma...@mozilla.com wrote:
If there would be a reduced risk by scoping the feature to debug builds I
would agree with you that it
Is having it in by default useful enough to outweigh the risk?
When the Dual_EC_DRBG news stories were blowing it, it was revealed
that you could switch to it by just changing the Windows Registry.
It's a Windows-supported backdoor - no malicious code needs to stay
running on your system - just
On 20 August 2013 14:26, Gervase Markham g...@mozilla.org wrote:
On 19/08/13 04:07, Brian Smith wrote:
When risk is there to a user of having a network eavesdropper able to
tell that they are using a particular browser? If I had an exploit for a
particular browser, I'd just try it anyway and
Thoughts, as a random passerby:
Of course I quite like the prioritization of (EC)DHE.
I think standardizing on a ciphersuite preference order with the aims
of reducing fingerprinting is a worthwhile (although wildly difficult)
goal for SSL _libraries_, but less so for browsers - to the point of
5 matches
Mail list logo