Opened 8 years ago

Closed 8 years ago

#3877 closed defect (invalid)

IETF rule broken with OCSP verification enabled.

Reported by: cypherpunks Owned by: pde
Priority: Low Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I'm using firefox with OCSP verification turned on (security.OCSP.require set to true in about:config).
When I try to read an RFC at ietf.org (e.g. http://www.ietf.org/rfc/rfc4086.txt ) I consistently get the error message:

Secure Connection Failed

An error occurred during a connection to www.ietf.org.
The OCSP server has refused this request as unauthorized.
(Error code: sec_error_ocsp_unauthorized_request)

The only "solution" is to turn off ocsp verification globally (or to disable the https everywhere IETF rule).

Child Tickets

Change History (1)

comment:1 Changed 8 years ago by pde

Resolution: invalid
Status: newclosed

This is a transient operational problem with IETF's CA(s), not an HTTPS Everywhere bug.

Note: See TracTickets for help on using tickets.