Open Bug 1849744 Opened 1 year ago Updated 1 year ago

Sites serving revoked TLS certificates

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: denschub, Unassigned)

References

Details

User Story

url:account.netzero.net/*
url:www.bescom.co.in/*

Dennis Schubert [:denschub]

Reporter

Description

•

1 year ago

Some sites do serve TLS certificates that have been revoked, but they still work in Chrome. The difference between browsers here will probably go away after bug 1429800, but for now, let's track those cases.

Dennis Schubert [:denschub]

Reporter

Updated

•

1 year ago

See Also: → https://bugzilla.mozilla.org/show_bug.cgi?id=1429800

Dennis Schubert [:denschub]

Reporter

Updated

•

1 year ago

User Story: (updated)

See Also: → https://github.com/webcompat/web-bugs/issues/125093

Dennis Schubert [:denschub]

Reporter

Updated

•

1 year ago

User Story: (updated)

See Also: → https://github.com/webcompat/web-bugs/issues/125679

John Schanck [:jschanck]

Comment 1

•

1 year ago

For what it's worth, CRLite will probably increase the differences between browsers. CRLite is a more effective revocation checking tool than OCSP (about 10% of OCSP checks fail due to network errors), and we're the only browser that has a CRLite implementation.

Dennis Schubert [:denschub]

Reporter

Comment 2

•

1 year ago

Oh, then I missed something - I thought it would bring us closer to what Chrome does. Oh well. Then it's even better to keep track of those things. Thanks for the clarification! :)

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Sites serving revoked TLS certificates

Categories

(Web Compatibility :: Knowledge Base, defect)

Tracking

(Not tracked)

People

(Reporter: denschub, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Comment 1

Comment 2