Am Wed, 18 Mar 2015 16:41:25 -0700 schrieb walt <w41...@gmail.com>: [...] > FF will not even show me the secure att.com webpage. I get an entire html > page > with this (very big) error message: > > Secure Connection Failed > > An error occurred during a connection to www.att.com. The OCSP server > experienced > an internal error. (Error code: sec_error_ocsp_server_error) > > The page you are trying to view cannot be shown because the authenticity of > the > received data could not be verified. > > Please contact the website owners to inform them of this problem. > > > Am I the only one seeing this error message on firefox? I'll try compiling > the > gentoo version to see if the behavior is different.
OCSP has nothing to do with AT&T, it is a security feature that is supposed to help verify the authenticity of certificates. From what I've read on tech news sites, it has fallen out of favor precisely due to issues like this (Chrome has deactivated it, for example). See https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol; also see https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning for one (the?) replacement. (Note that I am speaking as a user, so feel free to clarify if I'm not being 100% correct.) As to how to work around it, perhaps it makes sense to turn the feature off? HTH -- Marc Joliet -- "People who think they know everything really annoy those of us who know we don't" - Bjarne Stroustrup
pgpVs476f6bRj.pgp
Description: Digitale Signatur von OpenPGP
