[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wget2 | information leak with ocsp validation (#664)
From: |
@rockdaboot |
Subject: |
Re: wget2 | information leak with ocsp validation (#664) |
Date: |
Sun, 19 May 2024 10:29:16 +0000 |
Tim Rühsen commented:
https://gitlab.com/gnuwget/wget2/-/issues/664#note_1911670665
I think you are right that the we should not print a WARNING here. Because
enabling OCSP stapling now is default and OCSP requests are turned off, the
revocation isn't checked safely anyways. I'll turn it into a debug message.
Additionally, I added a warning about the privacy leak when OCSP is turned on.
Please let me know your thoughts on !549
--
Reply to this email directly or view it on GitLab:
https://gitlab.com/gnuwget/wget2/-/issues/664#note_1911670665
You're receiving this email because of your account on gitlab.com.
- wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/11
- Re: wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/11
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664), Romain Geissler (@Romain-Geissler-1A), 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664),
@rockdaboot <=
- Re: wget2 | information leak with ocsp validation (#664), Romain Geissler (@Romain-Geissler-1A), 2024/05/19
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/20
- Re: wget2 | information leak with ocsp validation (#664), Romain Geissler (@Romain-Geissler-1A), 2024/05/20