Test Your Browsers SSL Awareness

Another detailed explanatory by the great Steve Gibson. Simply click the link his page here → GRC's | SSL/TLS Certificate Revocation Testing   to test your browsers certificate awareness abilities. Firefox is the only browser I currently have that passes this test, both for windows and android. All others failed, including Dragon using secure DNS.

I just tested Firefox, IceDragon and Dragon, all passed for me, so I dont know why your Dragon fails :o

[attachment deleted by admin]

In chromium based browsers you usually have to enable revocation checking if you want it active.

But should one do that?

No, don’t enable revocation checking (Adam Langley)

See also
Revocation checking and Chrome’s CRL
Revocation doesn’t work

TL;DR 88) I know I read it before but can’t remember the contents and cba to read it again… Basically I’m wondering, will enabling it actually cause any harm to me or is the issue the fact that it isn’t effective? Not being effective I can deal with as long as enabling it actually doesn’t cause me any kind of harm.

Lazy kitty. :stuck_out_tongue:

What harm it causes? Are you sure it does any good? :wink:

Not even denying it. 88)

If it does no harm but no good either then I see no issue with leaving it on for the off-chance that it might do some good sometime.

I have revocation checking turned off with Dragon, so unsure to why I can pass this test :o

Maybe some other setting is causing this behaviour for me, at least it makes my browsing with Dragon safer, I’m using OpenDNS and PrivDog would this make a difference ?

It is the Chromium’s CRLSets (see also certificate revocation list (CRL)), which you can read more about on the pages I linked to earlier.

Adam Langley again: Revocation still doesn’t work

That option is removed in Chromium 36 (Revision 269005).