[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wget2 | information leak with ocsp validation (#664)
From: |
Romain Geissler (@Romain-Geissler-1A) |
Subject: |
Re: wget2 | information leak with ocsp validation (#664) |
Date: |
Sun, 19 May 2024 19:06:20 +0000 |
Romain Geissler commented:
https://gitlab.com/gnuwget/wget2/-/issues/664#note_1911755746
Ok with a backport of all the recent commits about OCSP in fedora 40, I end up
with this release (using --no-tcp-fastopen since on our network fastopen is not
working fine):
```
[root@9da25669cb1b 10.fc40]# wget --ocsp --no-tcp-fastopen
https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-1.7.1.tar.gz
WARNING: OCSP stapling is not supported by 'github.com', but OCSP validation
has been requested.
WARNING: This implies a privacy leak: the client sends the certificate serial
ID over HTTP to the CA.
WARNING: OCSP stapling is not supported by 'objects.githubusercontent.com', but
OCSP validation has been requested.
WARNING: This implies a privacy leak: the client sends the certificate serial
ID over HTTP to the CA.
jq-1.7.1.tar.gz.5 100%
[===================================================================================================================================================================>]
1.85M 38.90MB/s
[Files: 1 Bytes: 1.85M [939.31KB/s] Redirects: 1
Todo: 0 Errors: 0
]
[root@9da25669cb1b 10.fc40]# wget
https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-1.7.1.tar.gz
jq-1.7.1.tar.gz.6 100%
[===================================================================================================================================================================>]
1.85M 18.79MB/s
[Files: 1 Bytes: 1.85M [2.58MB/s] Redirects: 1
Todo: 0 Errors: 0
```
--
Reply to this email directly or view it on GitLab:
https://gitlab.com/gnuwget/wget2/-/issues/664#note_1911755746
You're receiving this email because of your account on gitlab.com.
- wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/11
- Re: wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/11
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), frigo (@freedge1), 2024/05/12
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664), Romain Geissler (@Romain-Geissler-1A), 2024/05/18
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/19
- Re: wget2 | information leak with ocsp validation (#664),
Romain Geissler (@Romain-Geissler-1A) <=
- Re: wget2 | information leak with ocsp validation (#664), @rockdaboot, 2024/05/20
- Re: wget2 | information leak with ocsp validation (#664), Romain Geissler (@Romain-Geissler-1A), 2024/05/20