Wouldn't it be more reasonable for browsers to not cache them at all and univers... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kazazes on Feb 6, 2016 \| parent \| context \| favorite \| on: HN is in the same cluster as 2ch, not Techcrunch, ... Wouldn't it be more reasonable for browsers to not cache them at all and universally reject missing intermediate certificates? (IIRC correctly, Chrome doesn't mind but Firefox will give you the train conductor)

schoen on Feb 6, 2016 [–]

It would definitely eventually reduce the frequency of this configuration mistake.

Firefox definitely does cache intermediates (I've seen it do so as recently as today).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact