-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
enable certificate revocation #518
enable certificate revocation #518
Comments
@diracdeltas is this just the timeout for security features like HSTS? |
I'm pretty sure that's the issue because I just tried it on a local build and it worked fine |
No, it's the issue of CRLsets in Brave which are not enabled by default for embedders. |
@bridiver the test case works on high sierra; AFAIK it doesn't work on linux and windows |
I'll look, but I haven't found anything in the code that is different for google chrome builds |
@bridiver let me forward you an email thread from google security |
this is also a problem on MacOS - the test case might not work though depending on your system TLS settings |
Verification passed on
Verified passed with
Verification passed on
|
This seems to doesn’t be the case anymore. I can access both of this website, and the grc revocation test. |
Thanks for the report @PoorPocketsMcNewHold.
With a clean profile on I see that revoked.badssl.com gives the correct error: and I see the same error page for revoked.grc.com: |
Please reopen this issue. Websites tested: All websites are opened, instead Brave should warn based on CRLsets that these are revoked. |
https://revoked.badssl.com should show up as revoked on all platforms. this is the same issue as brave/browser-laptop#12510 but for brave-browser.
the underlying problem is that we don't use chrome's crlsets
The text was updated successfully, but these errors were encountered: