Been testing out the free “Let’s Encrypt” certificates. I got a certificate for a web site I host. Then I revoked the certificate as one would do if the private key was stolen. However – chrome browser doesn’t do certificate revocation checking. At least it doesn’t for Let’s Encrypt. Firefox however does. Here’s the link to the site with a revoked cert:

If you get an error your browser is working. If you see the web site, it’s not. Cert was revoked the morning of October 4th,

I’m getting close to suing Google over their anti-http campaign. Here’s the link to my latest draft.



  1. Jeff says:

    In https the ‘s’ stands for secure, so “Not secure” is a completely accurate description of http traffic.

    Good luck with that lawsuit.

  2. Charles Indelicato says:

    This isn’t news: I heard Steve Gibson speaking of this some time ago:

  3. Jeff says:

    obviously you have them scared:
    time to add a retaliation charge to the lawsuit

  4. JK says:

    That’s from Chrome 61 for OSX, is that not correct behavior?

  5. Ah_Yea says:

    Marc, interesting complaint. Thought provoking.

    My observations, having been around the block a couple times.

    The root of your argument is:
    Google is stifling free speech (5 n) and Google is not a regulatory agency yet acting as one (5 m).

    Your argument will fail, because:
    As you correctly stated, Google is not a regulatory agency. Google is not any type of government agency, but a private business and therefore has no more weight of free speech than CNN, MSNBC, FOX, etc. BECAUSE…

    Google can legally express IT’S freedom of speech any way it wants. And it wants to argue that your sites are insecure.

    So here is how it will all fall out.

    A) You sue google.
    B) Google responds with a COUNTERSUIT and a GAG ORDER which a sympathetic judge will grant.
    C) Google will pound you with mountains of very expensive legal filing and actions till you go away.
    D) Lawsuit dies, and Google now owns your home and everything else for filing a false, libelous complaint against THEM.

    Are you sure you want to do this??

    • Ah_Yea says:

      If you do decide to sue Google, you MUST do these three things.

      A) Place all your worldly possessions in an irrevocable trust.

      B) Name me as the executor.

      C) 🙂 !!

  6. Hmeyers says:

    David vs. Goliath. I don’t think David is going to win these kind of fights, but it is nice to see Marc trying.

  7. Mark says:

    I tried safari (on a mac) and noted:
    o no lock icon to view the certificate (due to mixed secure & insecure content)
    o no obvious error messages (unless I bring up the console to view a couple errors like a missing favicon)
    After using developer mode, I brought up an image that was secure.
    o the lock icon was present
    o clicking on the lock and viewing the certificate, it said it was valid.

  8. Jennifer says:

    Please Describe in 350 to 750 Words. The article is not As much long as required to get good information. But still the nice try.

  9. Brad says:

    Opera, which is built on the chrome base, sees the revocation.

  10. tom says:

    Works fine in Firefox 56…

  11. tom says:

    Sorry, I’m a strong proponet of HTTPS!

  12. Tutuapp says:

    Working fine with Firefox. Mind sharing more details on the error?


Bad Behavior has blocked 5859 access attempts in the last 7 days.