You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OCSP check can time out. In this case AG makes an async check with an infinite timeout. The problem here is that until that check is finished AG counts cert valid.
Why?
OCSP servers are slow so revocation check can easily timed out.
Problem
OCSP check can time out. In this case AG makes an async check with an infinite timeout. The problem here is that until that check is finished AG counts cert valid.
Why?
OCSP servers are slow so revocation check can easily timed out.
What can we do?
It is not very good solution though:
https://www.imperialviolet.org/2014/04/29/revocationagain.html
https://code.google.com/p/chromium/issues/detail?id=361820
https://www.grc.com/revocation/crlsets.htm
http://www.zdnet.com/article/chrome-does-certificate-revocation-better/
The text was updated successfully, but these errors were encountered: