[tbb-dev] OneCRL
Georg Koppen
gk at torproject.org
Thu Oct 6 07:37:00 UTC 2016
Tom Ritter:
> Would anyone be so kind to fill me in on how TB uses OneCRL, if at all?
> OneCRL being the revocation method of FF that allows high risk certs to be
> revoked without a browser update. Does TB disable it? Check it? (And if so,
> is it persisted to disk, which would leak approximate last runtime?)
>
> I ask because a similar thing might be the way to go for proposal 273 and
> want to understand precedent/how this was considered in the past...
I have not looked if anything of our changes to Firefox code would
affect OneCRL. But we don't do anything special in this regard. I think
chances are very high that we are doing the same as vanilla Firefox.
Georg
> -tom
>
>
>
> _______________________________________________
> tbb-dev mailing list
> tbb-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20161006/72147eb1/attachment.sig>
More information about the tbb-dev
mailing list