Gervase Markham: > Eddy Nigg wrote: >> Jan Schejbal: >>> I did (now completely), but most of it seems to be a discussion about >>> CAs (not) revoking keys. As I understand it, if the CA does use only a >>> normal CRL (and not OCSP), firefox won't care. At least the >>> proof-of-concept attack on the akamai key still worked. >> Yes, as indicated CRL fetching is in the works. > > It is? Who's doing the work? > > Gerv
What I could find: https://bugzilla.mozilla.org/show_bug.cgi?id=321755 But Nelson has certainly more details. -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
