You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18 lines
538 B
18 lines
538 B
15 years ago
|
List of known security holes in KDE's SSL implementation and HTTPS support in
|
||
|
|
Konqueror.
|
||
|
|
-----------------------------------------------------------------------------
|
||
|
|
|
||
|
|
|
||
|
|
1) Caching should be done on a per-host basis, not per-certificate.
|
||
|
|
|
||
|
|
2) Autocompletion in form fields in HTTPS mode will result in various fields
|
||
|
|
such as pin numbers and possibly credit cards or other sensitive information
|
||
|
|
being silently written to disk in some cases.
|
||
|
|
|
||
|
|
|
||
|
|
3) Certificate revocation lists (CRLs) are not implemented. This should be
|
||
|
|
done after 2.2.
|
||
|
|
|
||
|
|
|
||
|
|
|