Something I want to happen: s2n (Amazon TLS logic) + mozilla::pkix (Firefox cert validation) + libcrypto (historically not the buggy part)
-
-
Replying to @FiloSottile
@FiloSottile +AIA fetching (so we don't create a new set of boatanchor devices w/ shitty root stores to flummox everyone 5 years from now)1 reply 1 retweet 3 likes -
Replying to @sleevi_
@sleevi_@FiloSottile I still don't think AIA fetching's benefits outweigh the costs, long term. I agree that Fx needs improvement though.2 replies 1 retweet 0 likes -
Replying to @BRIAN_____
@BRIAN_____@sleevi_@FiloSottile What are costs of using AIA to chase down intermediates? (Rehash of "why-we-hate-OCSP"?)2 replies 1 retweet 0 likes
Replying to @randomoracle
@randomoracle @sleevi_ @FiloSottile Yes, same reasons as OCSP. I think when Mozilla starts rejecting SHA-1, we'll understand issues better.
8:12 AM - 10 Jul 2015
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.