Comment 19 for bug 332176
Revision history for this message
|
|
#19 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Not security sensitive. No exploit is disclosed here.
The reporter apparently is unaware that there are other methods of revocation checking than OCSP. I'm pretty sure his concern is really with lack of
revocation checking, and not specifically lack of OCSP.
It would be useful to get some statistics on what percentage of SSL server
certs have any form of revocation checking info in them. Unless that number
is very close to 100%, this would just become another nuisance warning that
users would become conditioned to ignore.
This seems like a good candidate to become a browser extension.