> Because they copied M$IE. This is no longer the case with the latest version of FF.
I read this afternoon that conversion of the certificate type from PEM format to the likes of PKCS#12 allows Firefox to cope
with a client server certificate exchange. However this config will likely break Shodan & urchin analytics.
I may attempt to test this in the next release...
> We do not trust browsers keychain management. We use their own keychain with care, and avoid linking it with system keychain.
The default Apache SSL verify depth of 10 certificate authorities is often unnecessary & may exacerbate the complex knob patching Ted is attempting simplify.
Regards
Patrick
No comments:
Post a Comment