gk at torproject.org
Thu Oct 6 07:37:00 UTC 2016
> Would anyone be so kind to fill me in on how TB uses OneCRL, if at all?
> OneCRL being the revocation method of FF that allows high risk certs to be
> revoked without a browser update. Does TB disable it? Check it? (And if so,
> is it persisted to disk, which would leak approximate last runtime?)
> I ask because a similar thing might be the way to go for proposal 273 and
> want to understand precedent/how this was considered in the past...
I have not looked if anything of our changes to Firefox code would
affect OneCRL. But we don't do anything special in this regard. I think
chances are very high that we are doing the same as vanilla Firefox.
> tbb-dev mailing list
> tbb-dev at lists.torproject.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the tbb-dev