The difficulty of making sure your website is brokenletsencrypt.org28 points by mcpherrinm 3 hours ago
ipython an hour agoInteresting. Chrome (146, macOS) shows no error messages on the revoked cert pages, but Firefox does (also macOS).mcpherrinm an hour agoYeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it).moralestapia 40 minutes agoSame with Brave, so it is a Chromium thing.
mcpherrinm an hour agoYeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it).
lifis an hour agoVanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revokedRunningDroid 33 minutes ago> Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revokedFirefox Beta (150.0b7) is accepting all of the revoked certs on my device
RunningDroid 33 minutes ago> Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revokedFirefox Beta (150.0b7) is accepting all of the revoked certs on my device
bullen 2 hours agoMeanwhile HTTP keeps working just fine and is decentralized.Just "add your own crypto" on top, which is the ONLY thing a sane person would do.3... 2... 1... banned?xandrius 2 hours agoDid you self-ban?bullen an hour agoXD Nope, more like self destruct! ;)
https://badssl.com/ also offers several test subdomains in the same vein.
Interesting. Chrome (146, macOS) shows no error messages on the revoked cert pages, but Firefox does (also macOS).
Yeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don't match it).
Same with Brave, so it is a Chromium thing.
Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked
> Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked
Firefox Beta (150.0b7) is accepting all of the revoked certs on my device
Meanwhile HTTP keeps working just fine and is decentralized.
Just "add your own crypto" on top, which is the ONLY thing a sane person would do.
3... 2... 1... banned?
Did you self-ban?
XD Nope, more like self destruct! ;)