- From: Walter Gregg <northern84rain@startmail.com>
- Date: Fri, 30 Oct 2015 10:21:02 -0800
- To: public-mobileok-checker@w3.org
The mobileOK checker is erroneously(?) and somewhat randomly claiming that the certificates of linked-to HTTPS sites are invalid. I put a test document at http://walt.gregg.juneau.ak.us/2015/2015j30-w3c-mobileok-test containing a number of HTTPS links to Google and Pinboard properties. There are always two or more certificate errors. The certificates look fine here, even if I change my browser agent to match the mobileOK agent. Any chance of getting the checker to stop reporting these apparently erroneous HTTPS errors? The certs are wildcard certs, but now that you have to accept them just to use Google, surely the checker should not object. Security aware websites have been dropping weak bits of HTTPS. One hopes that the error doesn't really mean that the checker will only accept HTTPS sites when they allow some discontinued and dangerously weak encryption. Maybe the checker is being fed different certificates than I see? A man in the middle attack? Nah. Poor service to mobiles? I did try using the mobileOK user agent to check that, but everything still works here. Oops, I already said that. That's my feedback. Hopefully someone still maintains the old checker. Bye!
Received on Sunday, 1 November 2015 21:12:54 UTC