From: Marc Joliet <marcec@gmx.de>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Is this a bug in firefox-36.0?
Date: Thu, 19 Mar 2015 08:26:07 +0100 [thread overview]
Message-ID: <20150319082607.6546dad4@marcec.fritz.box> (raw)
In-Reply-To: <med2f6$3kb$1@ger.gmane.org>
[-- Attachment #1: Type: text/plain, Size: 1481 bytes --]
Am Wed, 18 Mar 2015 16:41:25 -0700
schrieb walt <w41ter@gmail.com>:
[...]
> FF will not even show me the secure att.com webpage. I get an entire html page
> with this (very big) error message:
>
> Secure Connection Failed
>
> An error occurred during a connection to www.att.com. The OCSP server experienced
> an internal error. (Error code: sec_error_ocsp_server_error)
>
> The page you are trying to view cannot be shown because the authenticity of the
> received data could not be verified.
>
> Please contact the website owners to inform them of this problem.
>
>
> Am I the only one seeing this error message on firefox? I'll try compiling the
> gentoo version to see if the behavior is different.
OCSP has nothing to do with AT&T, it is a security feature that is supposed to
help verify the authenticity of certificates. From what I've read on tech
news sites, it has fallen out of favor precisely due to issues like this
(Chrome has deactivated it, for example). See
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol; also see
https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning for one (the?)
replacement.
(Note that I am speaking as a user, so feel free to clarify if I'm not being
100% correct.)
As to how to work around it, perhaps it makes sense to turn the feature off?
HTH
--
Marc Joliet
--
"People who think they know everything really annoy those of us who know we
don't" - Bjarne Stroustrup
[-- Attachment #2: Digitale Signatur von OpenPGP --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2015-03-19 7:26 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-17 23:49 [gentoo-user] Is this a bug in firefox-36.0? walt
2015-03-18 0:47 ` Daniel Frey
2015-03-18 1:15 ` [gentoo-user] " walt
2015-03-18 2:34 ` Daniel Frey
2015-03-18 19:42 ` »Q«
2015-03-18 1:07 ` [gentoo-user] " Zhu Sha Zang
2015-03-18 3:53 ` Fernando Rodriguez
2015-03-18 6:56 ` Mick
2015-03-18 4:48 ` Fernando Rodriguez
2015-03-18 23:41 ` [gentoo-user] " walt
2015-03-18 23:46 ` Daniel Frey
2015-03-19 1:06 ` Fernando Rodriguez
2015-03-19 10:57 ` walt
2015-03-19 15:29 ` Fernando Rodriguez
2015-03-19 7:26 ` Marc Joliet [this message]
2015-03-20 0:15 ` »Q«
2015-03-21 0:18 ` walt
2015-03-21 3:37 ` »Q«
2015-03-24 6:52 ` Mick
2015-03-24 9:36 ` Peter Humphrey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150319082607.6546dad4@marcec.fritz.box \
--to=marcec@gmx.de \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox