[HTTPS-Everywhere] Sites with incomplete chains
Jonas Witmer
sjw at gmx.ch
Thu Apr 23 02:44:15 PDT 2015
Am 15.02.15 um 19:17 schrieb Jacob Hoffman-Andrews:
> Good point! I think we are also missing some of the most current
> certificates from Firefox, which I plan to update:
> https://support.google.com/dfp_sb/answer/2524536?hl=en. If we still
> have issues after updating those, we may want to install the
> transitive closure of those certificates, from the SSL Observatory.
>
Am 23.04.15 um 11:40 schrieb Alexander Buchner:
> What should we do with sites with incomplete certificate chains?
>
> I just noticed that my Firefox will download extra certificates on the
> fly (and so doesn't complain about the missing certificate(s)) while the
> Firefox instance that starts by calling ./test.sh --justrun will not
> (and perhaps neither other clients).
>
> Should we write a rule for such a site (e.g. bundesrat.de) or should
> their implementation be regarded as broken?
>
>
>
> _______________________________________________
> HTTPS-Everywhere mailing list
> HTTPS-Everywhere at lists.eff.org
> https://lists.eff.org/mailman/listinfo/https-everywhere
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20150423/24d6adbe/attachment.html>
More information about the HTTPS-Everywhere
mailing list