[Pkg-chromium-maint] Bug#745646: chromium: certificate revocation is not checked
Jonathan Nieder
jrnieder at gmail.com
Wed Apr 30 18:30:39 UTC 2014
Hi,
Giuseppe Iuculano wrote:
> On 30/04/2014 19:49, Vincent Lefevre wrote:
>> Bug 745646 is a different bug, specifically about the CRLSet system,
>> which is very broken.
>
> What you write is not a bug, if you want to do revocation check you must
> enable it in settings.
However Vincent is right that the CRLSets[1] are a different mechanism
than OCSP revocation checking and that CRLSet checking is enabled by
default. If it is broken then that would indeed be a serious bug.
Hope that helps,
Jonathan
[1] http://dev.chromium.org/Home/chromium-security/crlsets
More information about the Pkg-chromium-maint
mailing list