undefined | Better HN

0 pointsimmibis6mo ago0 comments

Certificate transparency is mandatory in browsers; interception certificates appear in certificate logs to be accepted. Have you found one?

Edit: OCSP has been ended.

0 comments

He might be referring to OCSP. Browsers ping CAs by default, revealing to them the sites that are visited.

OCSP is very much on the way out, this is hardly true anymore; although some things still check OCSP, many things do not.

j / k navigate · click thread line to collapse

0 pointsimmibis6mo ago0 comments

Certificate transparency is mandatory in browsers; interception certificates appear in certificate logs to be accepted. Have you found one?

Edit: OCSP has been ended.

He might be referring to OCSP. Browsers ping CAs by default, revealing to them the sites that are visited.

OCSP is very much on the way out, this is hardly true anymore; although some things still check OCSP, many things do not.

j / k navigate · click thread line to collapse