Warning, /frameworks/kdelibs4support/src/kssl/SECURITY-HOLES is written in an unsupported language. File is not indexed.
0001 List of known security holes in KDE's SSL implementation and HTTPS support in 0002 Konqueror. 0003 ----------------------------------------------------------------------------- 0004 0005 0006 1) Caching should be done on a per-host basis, not per-certificate. 0007 0008 2) Autocompletion in form fields in HTTPS mode will result in various fields 0009 such as pin numbers and possibly credit cards or other sensitive information 0010 being silently written to disk in some cases. 0011 0012 0013 3) Certificate revocation lists (CRLs) are not implemented. This should be 0014 done after 2.2. 0015 0016 0017