On 03/18/2009 12:57 PM, Nelson B Bolyard:
CDP is different, in numerous ways and for numerous reasons. Today, Firefox does not do fetching of certs based on CDP, but that is being implemented now, and I expect it will try potentially all DPs until it gets an acceptable answer or exhausts the list of DPs.
As far as I could see from the proposed patches, it indeed will loop through the list of CRLs until it finds one.
Perhaps the browser security UI folks should think about the risk of displaying strong security indicators for non-FQDN host names in URLs.
+1 -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
