{"id":222,"date":"2012-09-21T01:51:35","date_gmt":"2012-09-21T09:51:35","guid":{"rendered":"http:\/\/unmitigatedrisk.com\/?p=222"},"modified":"2012-09-21T01:52:21","modified_gmt":"2012-09-21T09:52:21","slug":"a-look-at-revoked-certificates","status":"publish","type":"post","link":"https:\/\/unmitigatedrisk.com\/?p=222","title":{"rendered":"A look at revoked certificates"},"content":{"rendered":"<p>So today I have done posts on the browser user experience for <a href=\"http:\/\/unmitigatedrisk.com\/?p=207\">expired<\/a> and <a href=\"http:\/\/unmitigatedrisk.com\/?p=214\">untrusted<\/a> certificates but we wouldn\u2019t have proper coverage on the topic of bad certificate user experience if we did not cover revoked certificates.<\/p>\n<p>VeriSign is kind enough to host a test site that uses a revoked certificate (I know we do too I just can\u2019t find it right now) so we will use that (<a href=\"https:\/\/test-sspev.verisign.com:2443\/test-SSPEV-revoked-verisign.html\">https:\/\/test-sspev.verisign.com:2443\/test-SSPEV-revoked-verisign.html<\/a>)<\/p>\n<p>Again what we want to see here is:<\/p>\n<ol>\n<li>Users are warned or prohibited from going to the site in question.<\/li>\n<li>The warning language used is easy to understand and explains the risks.<\/li>\n<li>The warning language used is related to the fact that the certificate is expired.<\/li>\n<li>The trust indicator does not show or is marked to indicate that there is a problem.<\/li>\n<\/ol>\n<p>In this case I think again Internet Explorer and Chrome do the best; The worse experience is in Opera as it leads the user to believe there is a connectivity problem unless they expand the error message.<\/p>\n<h2>Chrome<\/h2>\n<p><a href=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked.png\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"158\" class=\"alignnone size-medium wp-image-227\" title=\"chrome-revoked\" src=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked-300x158.png\" alt=\"\" srcset=\"https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked-300x158.png 300w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked-1024x541.png 1024w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked-283x150.png 283w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/chrome-revoked.png 1358w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<h2>Internet Explorer<\/h2>\n<p><a href=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked.png\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"158\" class=\"alignnone size-medium wp-image-226\" title=\"ie-revoked\" src=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked-300x158.png\" alt=\"\" srcset=\"https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked-300x158.png 300w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked-1024x542.png 1024w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked-283x150.png 283w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/ie-revoked.png 1360w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<h2>Mozilla<\/h2>\n<p><a href=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked.png\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"157\" class=\"alignnone size-medium wp-image-225\" title=\"mozilla-revoked\" src=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked-300x157.png\" alt=\"\" srcset=\"https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked-300x157.png 300w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked-1024x537.png 1024w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked-285x150.png 285w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/mozilla-revoked.png 1352w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<h2>Opera<\/h2>\n<p><a href=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked.png\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"155\" class=\"alignnone size-medium wp-image-224\" title=\"opera-revoked\" src=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked-300x155.png\" alt=\"\" srcset=\"https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked-300x155.png 300w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked-1024x532.png 1024w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked-288x150.png 288w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/opera-revoked.png 1345w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<h2>Safari<\/h2>\n<p><a href=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked.png\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"157\" class=\"alignnone size-medium wp-image-223\" title=\"Safari-revoked\" src=\"http:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked-300x157.png\" alt=\"\" srcset=\"https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked-300x157.png 300w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked-1024x536.png 1024w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked-286x150.png 286w, https:\/\/unmitigatedrisk.com\/wp-content\/uploads\/2012\/09\/Safari-revoked.png 1352w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>So today I have done posts on the browser user experience for expired and untrusted certificates but we wouldn\u2019t have proper coverage on the topic of bad certificate user experience if we did not cover revoked certificates. VeriSign is kind enough to host a test site that uses a revoked certificate (I know we do [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[3,4],"tags":[56,53,54,55],"class_list":["post-222","post","type-post","status-publish","format-standard","hentry","category-security","category-thoughts","tag-internet-explorer","tag-mozilla","tag-opera","tag-safari"],"_links":{"self":[{"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=\/wp\/v2\/posts\/222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=222"}],"version-history":[{"count":0,"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=\/wp\/v2\/posts\/222\/revisions"}],"wp:attachment":[{"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=222"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=222"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unmitigatedrisk.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}