Closed Bug 725986 Opened 12 years ago Closed 8 years ago

Implement UI to deal with missing fresh revocation information (override if neither OCSP nor CRL)

Categories

(Core Graveyard :: Security: UI, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: KaiE, Unassigned)

References

(Depends on 1 open bug)

Details

Implement UI to deal with missing fresh revocation information (override if neither OCSP nor CRL)

If neither fresh OCSP information nor fresh CRL information is available when visiting a secure site, and when strict revocation checking is enabled, the user's connection attempt will be blocked - which is a particularly bad user experience at captive portals.

This UI should make use of captive portal detection.

In general, missing OCSP/CRL should be treated by giving strong security warnings, and users should be allowed to "connect anyway", but in general we should strongly discourage them from connecting anyway (similar to today's bad certificate error page).

However, whenever a captive portal is detected, the UI might be slightly less discouraging, together with a good explanation, and asking the user to verify that "being at a captive portal is really expected".

Any such overrides added while being at the captive portal (not yet paid) should automatically be removed immediately after the captive portal switches to open (now paid).
Depends on: 816866
No longer depends on: 816866
This isn't something we can do right now. If the problems with servers stapling expired OCSP responses have taught us anything, it's that this would break the web for too many people.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard