The difficulty of making sure your website is broken

4 comments

• paulirish1 hour ago
  <a href="https:&#x2F;&#x2F;badssl.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;badssl.com&#x2F;</a> also offers several test subdomains in the same vein.
• ipython48 minutes ago
  Interesting. Chrome (146, macOS) shows no error messages on the revoked cert pages, but Firefox does (also macOS).
  • mcpherrinm43 minutes ago
    Yeah, Chrome only partly supports revocation (Not sure exactly the criteria, but our test sites don&#x27;t match it).
  • moralestapia6 minutes ago
    Same with Brave, so it is a Chromium thing.
• lifis30 minutes ago
  Vanadium, Chrome and Firefox (all for Android) all accept all the revoked certificates... But revoked.badssl.com is considered revoked
• bullen1 hour ago
  Meanwhile HTTP keeps working just fine and is decentralized.<p>Just &quot;add your own crypto&quot; on top, which is the ONLY thing a sane person would do.<p>3... 2... 1... banned?
  • xandrius58 minutes ago
    Did you self-ban?
    • bullen43 minutes ago
      XD Nope, more like self destruct! ;)