[Pkg-chromium-maint] Bug#745646: chromium: certificate revocation is not checked

Jonathan Nieder jrnieder at gmail.com
Wed Apr 30 18:30:39 UTC 2014


Giuseppe Iuculano wrote:
> On 30/04/2014 19:49, Vincent Lefevre wrote:

>> Bug 745646 is a different bug, specifically about the CRLSet system,
>> which is very broken.
> What you write is not a bug, if you want to do revocation check you must
> enable it in settings.

However Vincent is right that the CRLSets[1] are a different mechanism
than OCSP revocation checking and that CRLSet checking is enabled by
default.  If it is broken then that would indeed be a serious bug.

Hope that helps,

[1] http://dev.chromium.org/Home/chromium-security/crlsets

More information about the Pkg-chromium-maint mailing list