When a user is using private mode. Route all traffic via TOR for true Private Browsing.58 votes
DNS-based Authentication of Named Entities (DANE) complements and sometimes replace the current trust model for certificates. Since it is based on the hierachical DNSSEC system, it doesn't have the flaw of having numerous (and sometimes a bit untrustworthy) certificate authorities all able to issue certificates for any domain. By making CAs unnecessay for domain-only certificates, it would shift their market to providing more reliable validation of additional information, such as who is the owner of the domain.36 votes
Current securicy policy restrict using cross-site cookies, like for multidomain shops or somehting. If I do ajax-request from one domain to another that request send without cookies information at all. It's like sandboxing, even if I write correct P3P-header.
Now I use workaround, like https://github.com/jpillora/xdomain but i need to include it in ie-only way. I want more simple and clean solution. Other browser-engines (webkit, firefox, presto) allow me to send and receive cross-domain cookies8 votes
When accessing a REST interface over https using a client cert, IE will ask for the certificate multiple times during the first request cycle if multiple requests are done. After the first request however, the browser will remember which cert to use.3 votes
- Don't see your idea?