The difficulty of making sure your website is broken letsencrypt.org 28 points by mcpherrinm 3 hours ago
ipython an hour ago Interesting. Chrome (146, macOS) shows no error messages on the revoked cert pages, but Firefox does (also macOS). mcpherrinm an hour ago Yeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it). moralestapia 40 minutes ago Same with Brave, so it is a Chromium thing.
mcpherrinm an hour ago Yeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it).
lifis an hour ago Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked RunningDroid 33 minutes ago > Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revokedFirefox Beta (150.0b7) is accepting all of the revoked certs on my device
RunningDroid 33 minutes ago > Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revokedFirefox Beta (150.0b7) is accepting all of the revoked certs on my device
bullen 2 hours ago Meanwhile HTTP keeps working just fine and is decentralized.Just "add your own crypto" on top, which is the ONLY thing a sane person would do.3... 2... 1... banned? xandrius 2 hours ago Did you self-ban? bullen an hour ago XD Nope, more like self destruct! ;)
https://badssl.com/ also offers several test subdomains in the same vein.
Interesting. Chrome (146, macOS) shows no error messages on the revoked cert pages, but Firefox does (also macOS).
Yeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it).
Same with Brave, so it is a Chromium thing.
Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked
> Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked
Firefox Beta (150.0b7) is accepting all of the revoked certs on my device
Meanwhile HTTP keeps working just fine and is decentralized.
Just "add your own crypto" on top, which is the ONLY thing a sane person would do.
3... 2... 1... banned?
Did you self-ban?
XD Nope, more like self destruct! ;)