[Webkit-unassigned] [Bug 162910] [SOUP] Move global TLS errors handling from ResourceHandle to SoupNetworkSession
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 5 00:51:26 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=162910
--- Comment #7 from Alex Christensen <achristensen at apple.com> ---
(In reply to comment #3)
> What's the problem of using SHA1 here? What's the security problem exactly?
I see certificates and SHA1 and think "Somebody could theoretically create a collision and something unexpected could happen and that's really bad with certificates." I'm not sure what the exact attack would look like, but it's up to you to decide whether that's important enough.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20161005/73445993/attachment.html>
More information about the webkit-unassigned
mailing list