[Pkg-chromium-maint] Bug#745646: Bug#745646: closed by Michael Gilbert <mgilbert at debian.org> (Re: Bug#745646: chromium: certificate revocation is not checked)
Vincent Lefevre
vincent at vinc17.net
Wed Apr 30 17:49:17 UTC 2014
On 2014-04-30 19:22:25 +0200, Giuseppe Iuculano wrote:
> *Please stop to reopen this bug.*
The bug you're talking about has not been reopened.
Bug 745646 is a different bug, specifically about the CRLSet system,
which is very broken.
> That check is not enabled by default because it doesn't meaningfully add
> to security. Benefits of online revocation checking are insignificant
> and it compromises privacy (CA knows the IP address of users and sites
> they are visiting).
Well, DNS also compromises privacy... But anyway, OCSP is off-topic
here, since this bug is about the CRLSet system, which should be
fixed.
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the Pkg-chromium-maint
mailing list