#10865: Webpositive doesn't check for revoked certificates -----------------------------------------------+--------------------------- Reporter: xray7224 | Owner: pulkomandy Type: enhancement | Status: new Priority: normal | Milestone: Component: Applications/WebPositive | Version: Keywords: tls, ssl, certificate, revocation | R1/Development Blocking: | Blocked By: Platform: All | Has a Patch: 0 -----------------------------------------------+--------------------------- Webpositive should check if a TLS/SSL certficate has been revoked. It would be good if there was a drop down option to select between "hard fail", "soft fail" and "disabled". Those being: '''hard fail:''' if CRL/OCSP list is down it'll assmue it's revoked. '''soft fail:''' if the CLR/OSCP list is down then it'll trust it. '''disabled:''' No certificate revocation checking will occur. I think that hard fail should be the default as it's the safest option and from my experiance the CRL/OSCP lists rarely are unavailable. -- Ticket URL: <https://dev.haiku-os.org/ticket/10865> Haiku <https://dev.haiku-os.org> Haiku - the operating system.