Bug#745646: [Pkg-chromium-maint] Bug#745646: closed by Michael Gilbert mgilb...@debian.org (Re: Bug#745646: chromium: certificate revocation is not checked)

Hi, On 30/04/2014 02:28, Vincent Lefevre wrote: No, Chromium developers tell users not to enable it, and consider it as an obsolete option that will be removed. Indeed, in case of real MITM attack, the attacker can block the OCSP server, in which case Chromium will silently consider the

Bug#745646: [Pkg-chromium-maint] Bug#745646: closed by Michael Gilbert mgilb...@debian.org (Re: Bug#745646: chromium: certificate revocation is not checked)

On 2014-04-30 19:22:25 +0200, Giuseppe Iuculano wrote: *Please stop to reopen this bug.* The bug you're talking about has not been reopened. Bug 745646 is a different bug, specifically about the CRLSet system, which is very broken. That check is not enabled by default because it doesn't

Bug#745646: [Pkg-chromium-maint] Bug#745646: closed by Michael Gilbert mgilb...@debian.org (Re: Bug#745646: chromium: certificate revocation is not checked)

On 30/04/2014 19:49, Vincent Lefevre wrote: Bug 745646 is a different bug, specifically about the CRLSet system, which is very broken. What you write is not a bug, if you want to do revocation check you must enable it in settings. chromium --temp-profile Go to settings and enable revocation