On Thu, 28 Nov 2019 at 20:22, Peter Gutmann <pgut...@cs.auckland.ac.nz>

> Ben Laurie via dev-security-policy <dev-security-policy@lists.mozilla.org>
> writes:
> >In short: caching considered harmful.
> Or "cacheing considered necessary to make things work"?

If you happen to visit a bazillion sites a day.

> In particular:
> >caching them and filling in missing ones means that failure to present
> >correct cert chains is common behaviour.
> Which came first?  Was cacheing a response to broken chains or broken
> chains a
> response to cacheing?
> Just trying to sort out cause and effect.

Pretty sure if broken chains caused browsers to not show pages, then there
wouldn't be broken chains.

I am hiring! Formal methods, UX, SWE ... verified s/w and h/w.

https://g.co/u58vjr https://g.co/adjusu
*(Google internal)*
dev-security-policy mailing list

Reply via email to