I'm reading a webpage in elinks because Chromium has decided I can't override an expired cert, because HSTS
@whitequark @FrozenFire @bofh453 And part of the idea of using HSTS is that you want to avoid risk of old compromised certs being used.
-
-
@whitequark@FrozenFire@bofh453 If expiration is [part of] your cert revocation model you don't want users easily tricked into ignoring it. -
@RichFelker@whitequark@FrozenFire IMO cert revocation based on anything other than "this cert is different than last time, wtf" is useless -
@bofh453@whitequark@FrozenFire Pinning and Certificate Transparency address these issues, but expiration is important too.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.