Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

revoked.badssl.com #30

Closed
lgarron opened this issue May 15, 2015 · 8 comments
Closed

revoked.badssl.com #30

lgarron opened this issue May 15, 2015 · 8 comments
Labels
subdomain

Comments

@lgarron
Copy link
Collaborator

lgarron commented May 15, 2015

No description provided.

@lgarron
Copy link
Collaborator Author

lgarron commented Jun 3, 2015

https://test-sspev.verisign.com:2443/

@lgarron lgarron mentioned this issue Nov 30, 2015
Closed
@glestel
Copy link

glestel commented Dec 3, 2015

Regarding #120 I concur that having a revoked subdomain would be useful

@lgarron lgarron mentioned this issue Jan 3, 2016
Open
lgarron added a commit that referenced this issue Sep 2, 2016
@lgarron
Add revoked.badssl.com ; addresses #30.
ff418ca 
Actual revocation still needs to take place, but that is an external process.
@lgarron
Copy link
Collaborator Author

lgarron commented Sep 2, 2016
edited

https://revoked.badssl.com/ is live.

Requesting revocation right now. Revocation should be safe for hash-based CRLSets, since the new cert has a new key, and therefore a unique SPKI.

@lgarron
Copy link
Collaborator Author

lgarron commented Sep 2, 2016

Success!

screen shot 2016-09-02 at 14 42 16

@lgarron lgarron closed this as completed Sep 2, 2016
@lgarron lgarron mentioned this issue Sep 2, 2016
Open
@april
Copy link
Collaborator

april commented Sep 2, 2016

Brilliant choice of browsers, I might add.

@lgarron
Copy link
Collaborator Author

lgarron commented Sep 2, 2016

Here's the whole lot. ;-)

screen shot 2016-09-02 at 14 50 58

crywzvyusaa0qsb
(Edge screenshot via Kyle Pflug on Twitter.)

@april
Copy link
Collaborator

april commented Sep 2, 2016

Weird that Chrome still displays it, even knowing that the certificate is revoked.

@lgarron
Copy link
Collaborator Author

lgarron commented Sep 2, 2016

Weird that Chrome still displays it, even knowing that the certificate is revoked.

Old OSX bug. That's what we get for trying to use native idioms and UI where possible. :-/

lgarron added a commit that referenced this issue Sep 2, 2016
@lgarron
Add subdomain-revoked.pem to git. Addresses #30.
96165c9
april added a commit to april/badssl.com that referenced this issue Nov 8, 2016
@april
Merge branch 'master' of https://github.com/google/badssl.com
bfd1a5f 
* 'master' of https://github.com/google/badssl.com: (34 commits)
  Udpate checkout URL in the README.
  Fix front page icon rel=preload hrefs.
  Formatting consistency.
  Add Credit-Card and Password input test cases.
  Add `revoked` to the front page. Closes chromium#210.
  Add preloaded-expect-ct.badssl.com
  Add theme color test.
  Update very.badssl.com doge to reference CBC instead of RC4. Closes chromium#104.
  Condense root-preserving advice in README to four lines.
  Front page title bar hover title.
  Place GitHub ribbon in top right if there's space.
  Add subdomain-revoked.pem to git. Addresses chromium#30.
  revoked.badssl.com: update text now that the cert has actually been revoked.
  Add revoked.badssl.com ; addresses chromium#30.
  Remove rsa512 and rsa1024 from front page, since we can't use real certs on the live site.
  Tell compatible browser to load the white icons ahead of time.
  Front page: Add linkable anchors to the headings.
  Front page: make the rows taller.
  update the mozilla sites to reflect current guidelines (chromium#181)
  Front page: lower the `badssl.com` title slightly.
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
subdomain
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@april @lgarron @glestel