You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 10, 2019. It is now read-only.
If a user clicks "For this session only" and then closes the browser, the certificate that's in the browser is not deleted and in fact is still valid for up to one hour.
A proposed solution is to create single-use certs when the user requests an ephemeral session:
Hi! To help us better focus, I'm "closing" all issues that have been open for more than six months. These have been tagged "cleanup-2014" so that we can go back and review them in the future.
If a user clicks "For this session only" and then closes the browser, the certificate that's in the browser is not deleted and in fact is still valid for up to one hour.
A proposed solution is to create single-use certs when the user requests an ephemeral session:
This is related to issue #3769.
The text was updated successfully, but these errors were encountered: