On Thu, 28 Nov 2019 at 20:22, Peter Gutmann <pgut...@cs.auckland.ac.nz>
wrote:

> Ben Laurie via dev-security-policy <dev-security-policy@lists.mozilla.org>
> writes:
>
> >In short: caching considered harmful.
>
> Or "cacheing considered necessary to make things work"?


If you happen to visit a bazillion sites a day.


> In particular:
>
> >caching them and filling in missing ones means that failure to present
> >correct cert chains is common behaviour.
>
> Which came first?  Was cacheing a response to broken chains or broken
> chains a
> response to cacheing?
>
> Just trying to sort out cause and effect.
>

Pretty sure if broken chains caused browsers to not show pages, then there
wouldn't be broken chains.

-- 
I am hiring! Formal methods, UX, SWE ... verified s/w and h/w.
#VerifyAllTheThings.

https://g.co/u58vjr https://g.co/adjusu
*(Google internal)*
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to