It's me Luigi

Q: Security Certificate Revocation Awareness Test Fail

I went to https://www.grc.com/revocation.htm in Safari Version 9.0.1 (11601.2.7.2) and clicked on the link ( https://revoked.grc.com/ ) to test my browser, it immediately opened the page stating:

Screen Shot 2015-12-02 at 11.05.40 PM.png

 

I performed the EXACT same test in Firefox Version 42.0 and received the following message:

Screen Shot 2015-12-02 at 10.37.08 PM.png

 

Why is Safari allowing invalid certificates while Firefox does not.

 

Yes, I am aware that the test is a benign test ( there is no malicious intent ).

But if this benign invalid certificate can get through Safari unchecked, what about a malicious one?

 

I use Safari as it I find it easier to use at the moment than Firefox.

 

Is there any way to fix this?

Is there anyway to tell Apple about this?

Mac mini, OS X El Capitan (10.11.1), 2.6 GHz. 1 TB Fusion. 16 GB RAM.

Posted on Dec 2, 2015 4:08 AM

Close

Q: Security Certificate Revocation Awareness Test Fail

  • All replies
  • Helpful answers