[Security] Rogue CAs
Jonathan Schleifer
js-xmpp-security at webkeks.org
Wed Dec 31 11:42:03 CST 2008
"Eric Rescorla" <ekr at rtfm.com> wrote:
> Firefox 3 does OCSP checks.
Not by default, no. It was either disabled by default or there was a
bug, I don't remember, but it doesn't work as expected by default.
> s/Windows/Linux/. It's not exactly like those operating systems are
> perfect.
As there are many distributions of Linux and most customized theirs, a
worm would be hard.
--
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/security/attachments/20081231/843386d3/attachment.pgp
More information about the Security
mailing list