Re: [SECURITY] [DSA 2939-1] chromium-browser security update
On Sat, May 31, 2014 at 7:44 AM, Andrew McGlashan wrote:
> Does Chromium suffer from the Google decision to make use of OCSP
> impossible? Therefore, an untrustworthy browser.
Basically, the answer is the design of certificate revocation is
fundamentally flawed, and Google have their own security model:
http://www.imperialviolet.org/2012/02/05/crlsets.html
That should not in any way lead to the conclusion that chromium or
google chrome are untrustworthy. It just means that Google uses an
alternative approach to a fundamentally unsolvable problem.
Best wishes,
Mike
Reply to: