Thanks for the link Paul. Indead this is a big issue and I think it can not be fixed as only Adobe can create signed RSLs! Let's make them as small as possible for now.
Haykel On 20 February 2012 11:20, Paul Evans <paulev...@creative-cognition.co.uk>wrote: > > On 20 Feb 2012, at 09:54, David Arno wrote: > > > The idea that Haykel was suggesting though would be to avoid serving it > from individual hosts and to serve it globally instead. That way the > browser only has to cache it once, not once per domain. There would be > cross-domain issues, but I think they could be solved. > > From previous discussion, Alex raised concern of potential exposure to a > man-in-the-middle attack - unless we find a way of getting them signed. > > http://markmail.org/message/ph6mvqgn5kj6m35n > >
