| 1 |
Am Wed, 18 Mar 2015 16:41:25 -0700 |
| 2 |
schrieb walt <w41ter@×××××.com>: |
| 3 |
|
| 4 |
[...] |
| 5 |
> FF will not even show me the secure att.com webpage. I get an entire html page |
| 6 |
> with this (very big) error message: |
| 7 |
> |
| 8 |
> Secure Connection Failed |
| 9 |
> |
| 10 |
> An error occurred during a connection to www.att.com. The OCSP server experienced |
| 11 |
> an internal error. (Error code: sec_error_ocsp_server_error) |
| 12 |
> |
| 13 |
> The page you are trying to view cannot be shown because the authenticity of the |
| 14 |
> received data could not be verified. |
| 15 |
> |
| 16 |
> Please contact the website owners to inform them of this problem. |
| 17 |
> |
| 18 |
> |
| 19 |
> Am I the only one seeing this error message on firefox? I'll try compiling the |
| 20 |
> gentoo version to see if the behavior is different. |
| 21 |
|
| 22 |
OCSP has nothing to do with AT&T, it is a security feature that is supposed to |
| 23 |
help verify the authenticity of certificates. From what I've read on tech |
| 24 |
news sites, it has fallen out of favor precisely due to issues like this |
| 25 |
(Chrome has deactivated it, for example). See |
| 26 |
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol; also see |
| 27 |
https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning for one (the?) |
| 28 |
replacement. |
| 29 |
|
| 30 |
(Note that I am speaking as a user, so feel free to clarify if I'm not being |
| 31 |
100% correct.) |
| 32 |
|
| 33 |
As to how to work around it, perhaps it makes sense to turn the feature off? |
| 34 |
|
| 35 |
HTH |
| 36 |
-- |
| 37 |
Marc Joliet |
| 38 |
-- |
| 39 |
"People who think they know everything really annoy those of us who know we |
| 40 |
don't" - Bjarne Stroustrup |
Archives