Kyle,
Kyle Hamilton wrote:
> Should there be a check to make sure that disparate sites aren't using
> the same public key modulus/exponent?

That would be fairly hard to implement reliably.
Currently, we don't persist end-entity certs of web sites in general in PSM.
Even if we did, what is the likelihood for one individual browser to
have visited all those sites and be able to detect them?
Those are problems that should be dealt with by revocation, which is not
a process that works for self-signed certs.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto