New issue
Advanced search Search tips

Issue 616433 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Jun 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Security



Sign in to add a comment

No warning page and blocking while visiting SSL site with revoked certificate

Reported by i...@lyl-canbys.de, Jun 1 2016 
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.63 Safari/537.36

Steps to reproduce the problem:
1. Open https://revoked.grc.com/
2. Website shows up
3. Red lock shows in addressbar

What is the expected behavior?
Chromium blocks the connection as the certificate is revoked and show a internal error page about invalid certificate

What went wrong?
Access is not blocked to insecure page.
No Chromium internal error page about revoked certificate is shown

Did this work before? N/A 

Chrome version: 51.0.2704.63  Channel: stable
OS Version: Debian 8.4 x64
Flash Version: Shockwave Flash 21.0 r0

Comment 1 by f...@chromium.org, Jun 2 2016

Labels: -Restrict-View-SecurityTeam
Status: WontFix (was: Unconfirmed)
Hi, thanks for the report. There is an explanation about this in our FAQ: http://www.chromium.org/Home/chromium-security/security-faq#TOC-What-s-the-story-with-certificate-revocation-

Comment 2 by f...@chromium.org, Jun 2 2016

Components: Internals>Network>SSL
Project Member

Comment 3 by sheriffbot@chromium.org, Oct 1 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 4 by sheriffbot@chromium.org, Oct 2 2016 

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by mbarbe...@chromium.org, Oct 2 2016

Labels: allpublic

Sign in to add a comment