gnu/wget2
1
0
Fork 0
mirror of https://gitlab.com/gnuwget/wget2.git synced 2026-02-01 04:10:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
tim/mingw-binfmt
wget2/docs
History
Tim Rühsen 35986bd093 Disable explicit OCSP requests by default 
* docs/wget2.md: Document --ocsp default value as 'off'.
* src/options.c (struct config): Disable .ocsp by default.

OCSP validation of the server certificate implies privacy issues:
  - The OCSP request tells the CA which web service the client tries to reach.
  - The OCSP requests are sent via unencrypted HTTP, so every "listener in the
    middle" can see which web service the client tries to connect.
Additionally, the OCSP requests slow down operation and may cause unexpected
network traffic, which may trigger security alarms unnecessarily.

Due to these issues we explicitly disable OCSP by default.
2024-05-18 14:44:53 +02:00
..
development
announce_2.0.0.txt
* docs/announce_2.0.0.txt: Add list of noteworthy changes
2021-09-12 14:02:52 +02:00
announce_2.0.1.txt
Release v2.0.1
2022-05-27 11:48:57 +02:00
announce_2.1.0.txt
announce: Remove trailing spaces
2023-09-11 10:26:38 +02:00
announce_template.txt
* docs/announce_template.txt: Fix sc_trailing_blank
2023-07-08 13:03:54 +02:00
DoxygenLayout.xml
Update cfg.mk. Add comments for future
2019-09-10 23:02:05 +02:00
faq.md
gen-logo.sh
libwget.doxy.in
src/libwget.doxy.in: Update doxygen file
2019-11-02 16:23:38 +01:00
Makefile.am
* docs/Makefile.am: Add README.md to DISTCLEANFILES unconditionally
2019-07-11 15:17:13 +02:00
wget2_md2man.sh.in
wget2.md
Disable explicit OCSP requests by default
2024-05-18 14:44:53 +02:00
wget-logo.png