Reminder they webpki is still completely broken - now Google OCSP down http://clients1.google.com/ocsp Wonder if there is a targeted attack happening now
-
-
If the client hard fails on OCSP errors, then the client won't be able to access Google websites. No mainstream browser hard fails by default, so practical consequence is likely minimal. Some non-browser clients might hard fail on OCSP errors, but I don't know of any.
-
Also, as a publicly-trusted CA, Google is required to "maintain an online 24x7 Repository that application software can use to automatically check the current status of all unexpired Certificates issued by the CA" [Baseline Requirements]. They are currently in violation.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.