[EMAIL PROTECTED] wrote: > On Mar 30, 7:13 pm, "Bill Burns" <[EMAIL PROTECTED]> wrote: > >> Yes -- and we'll have screen shots of example websites that are >> throwing OCSP-related errors because some well-known public CAs >> <cough> are not scaled up to fully support OCSP. With Vista, this is >> going to be a MUCH bigger issue which will confuse and upset many >> users and website owners. When FF enables OCSP by default the problem >> won't get better either. >> > > uh oh - as a website provider this concerns me. We're encountering the > OCSPDeadlock error while testing our plugin with Firefox 2. How do we > make sure our FF users don't get the problem? Our cert is issued by > Verisign - are they one of the problem CAs? > You will not get the OCSPDeadlock error in Firefox 3. In fact, could you please test with the experimental trunk versions of Firefox? The deadlock should be gone already. Can you confirm?
In Firefox 2 OCSP is disabled by default. In Firefox 3 we want to enable it by default, but the deadlock should be gone. This was possible on the trunk only, because of multithread architectural changes that only got added on the trunk for Firefox 3 et al. Kai _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
