@igrigorik qq: what do modern browsers do with `ticket_lifetime_hint`? Should http://istlsfastyet.com take it into an account?
-
-
Replying to @SaveTheRbtz
@SaveTheRbtz good question, paging@sleevi_ :) ... guessing, "not much".1 reply 0 retweets 1 like -
Replying to @igrigorik1 reply 0 retweets 0 likes
-
Replying to @sleevi_
@sleevi_@igrigorik@SaveTheRbtz Doesn't look like we do anything with it right now. I suppose we could? Meh.2 replies 0 retweets 0 likes -
Replying to @davidben__
@davidben__@igrigorik@SaveTheRbtz Yeah, seems more useful for constrained memory environments. Doesn't seem to offer any other benefits.1 reply 0 retweets 0 likes -
Replying to @sleevi_
@sleevi_@davidben__@igrigorik@SaveTheRbtz "I'll throw away the master secret for this session after X and/or I'd like you to do so."1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@davidben__@igrigorik@SaveTheRbtz Right, but that's like asking the client "Please set the evil bit if you have malware"1 reply 0 retweets 1 like -
Replying to @sleevi_
@sleevi_@davidben__@igrigorik@SaveTheRbtz No. It's good to throw away secrets when they're only useful to attackers, not you.2 replies 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@davidben__@igrigorik@SaveTheRbtz Under what threat model does it provide value? Only client compromise4 replies 0 retweets 0 likes
@sleevi_ @davidben__ @igrigorik @SaveTheRbtz I think for a browser that models client compromise differently than Chrome, it could matter.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.