On Thu, 28 Nov 2019 at 20:22, Peter Gutmann <[email protected]> wrote:
> Ben Laurie via dev-security-policy <[email protected]> > writes: > > >In short: caching considered harmful. > > Or "cacheing considered necessary to make things work"? If you happen to visit a bazillion sites a day. > In particular: > > >caching them and filling in missing ones means that failure to present > >correct cert chains is common behaviour. > > Which came first? Was cacheing a response to broken chains or broken > chains a > response to cacheing? > > Just trying to sort out cause and effect. > Pretty sure if broken chains caused browsers to not show pages, then there wouldn't be broken chains. -- I am hiring! Formal methods, UX, SWE ... verified s/w and h/w. #VerifyAllTheThings. https://g.co/u58vjr https://g.co/adjusu *(Google internal)* _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
