|
|
|
|
|
|
by tialaramex
1380 days ago
|
|
|
A concern is: Does it fail closed? It's easy to imagine an Apple engineer finds this fails sometimes for crap-CA whose OCSP server is kinda-sorta maybe working, in Bremen at least, usually, although not on weekends, and they go "Oh, I can fix this, just ignore if it fails" and now we've got our old friend the "Seatbelt that snaps when you crash" back. Mozilla's choice here avoids that problem coming up which means nobody needs to push back when it gets "solved" in this regressive way. |
|
|