Hacker News new | past | comments | ask | show | jobs | submit login

Why not? Caching certificate chains makes sense. Bad hash functions are the norm in systems code, not the exception.



I guess I'm reading these two examples as: 1. an extra goto and 2. a strategy dealing with creating an ssl store that uses a 32(!) bit key. I'm not implying malice but they seem fundamentally different type of errors.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: