2014-05-02, 02:42 #1
- Join Date
- Dec 2009
- Thanked 212 Times in 180 Posts
Google’s Chrome browser “blindly” trusting Heartbleed affected sites
The problem within Chrome is CRLSet, which catalogs revoked security certificates. If a website has been compromised and had their security certificate taken away, CRLSet should know about it and give you a warning before proceeding. Gibson Research Corporation claims Google’s CRLSet — used in lieu of the online certificate status protocol — misses about 98% of revoked certificates.
Subscribe to our Windows Secrets Newsletter - It's Free!
+ Get this BONUS — free!