[tbb-dev] OneCRL

Georg Koppen gk at torproject.org
Thu Oct 6 07:37:00 UTC 2016

Tom Ritter:
> Would anyone be so kind to fill me in on how TB uses OneCRL, if at all?
> OneCRL being the revocation method of FF that allows high risk certs to be
> revoked without a browser update. Does TB disable it? Check it? (And if so,
> is it persisted to disk, which would leak approximate last runtime?)
> I ask because a similar thing might be the way to go for proposal 273 and
> want to understand precedent/how this was considered in the past...

I have not looked if anything of our changes to Firefox code would
affect OneCRL. But we don't do anything special in this regard. I think
chances are very high that we are doing the same as vanilla Firefox.


> -tom
> _______________________________________________
> tbb-dev mailing list
> tbb-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20161006/72147eb1/attachment.sig>

More information about the tbb-dev mailing list