Would anyone be so kind to fill me in on how TB uses OneCRL, if at all? OneCRL being the revocation method of FF that allows high risk certs to be revoked without a browser update. Does TB disable it? Check it? (And if so, is it persisted to disk, which would leak approximate last runtime?)
I ask because a similar thing might be the way to go for proposal 273 and want to understand precedent/how this was considered in the past...
-tom
Tom Ritter:
Would anyone be so kind to fill me in on how TB uses OneCRL, if at all? OneCRL being the revocation method of FF that allows high risk certs to be revoked without a browser update. Does TB disable it? Check it? (And if so, is it persisted to disk, which would leak approximate last runtime?)
I ask because a similar thing might be the way to go for proposal 273 and want to understand precedent/how this was considered in the past...
I have not looked if anything of our changes to Firefox code would affect OneCRL. But we don't do anything special in this regard. I think chances are very high that we are doing the same as vanilla Firefox.
Georg
-tom
tbb-dev mailing list tbb-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev