SSL/TLS security certificate

jkfloris

Vivaldi does not check (like Chrome) if a certificate is revoked. see https://www.grc.com/revocation.htm for the test.

greybeard

Yet…

I am sure once Vivaldi is finalized there will be testing for certificate revocation.

Rainspa

I get a page that says "Your connection is not private", but when I click Advanced it says "Your information is still secure because Vivaldi stopped the connection before any data was exchanged". Is that unsafe?
With Firefox Avast blocked it.

cyrano

@jkfloris:

Vivaldi does not check (like Chrome) if a certificate is revoked.
see https://www.grc.com/revocation.htm for the test.

Neither does Chrome…

Besides, are we sure the test from grc is a valid one. Steve Gibson has a bit of a dodgy reputation in security circles.

cyrano

Vivaldi 1.0.403.24 (Beta 3) (64-bits) on OSX Mavericks connects fine. Should I update to a nightly?

cyrano

Updated to 1.0.425.3.

Vivaldi on OSX 10.9.5 still connects to https://revoked.grc.com/, showing

"If you can see this (and apparently you can), you
are using a revocation UNaware web browser!"

cyrano

Safari and Chrome work as they should, showing the right page.

I just updated Vivaldi, don't know the version as even the "about Vivaldi" tab doesn't open. And it still fails the test…

This is on OSX 10.9.5, Mavericks. Safari and Chrome are the latest versions.

cyrano

I've put Vivaldi through this series of tests:

https://revoked.grc.com (revoked certificate, see GRC Revocation Awareness Test);
https://tv.eurosport.com (the domain name does not match, see SSL Test Center by NetLock Ltd.);
https://qvica1g3-e.quovadisglobal.com (expired certificate, see QuoVadis Test Certificates);
https://self-signed.badssl.com (self-singed certificate, see BadSSL.com);
https://rc4.badssl.com/ (outdated RC4 cipher);
https://dh480.badssl.com/ (a weak Diffie-Hellman key).

The only one it fails, is Steve Gibson's (the first one in the list). So I'm wondering if that test is valid. If I can find the time, I'll look into it.

3Phase

Cyrano,

Vivaldi warned, blocked and refused to load or offer any way to load GRC's page. The only thing I can think of that would be stronger would be if the browser reached out and slapped me up side of the head and knocked my hands off of the keyboard.

======================

Your connection is not private

Attackers might be trying to steal your information from revoked.grc.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_REVOKED

Automatically report details of possible security incidents to Vivaldi. Privacy policy

ReloadHide advanced

revoked.grc.com normally uses encryption to protect your information. When Vivaldi tried to connect to revoked.grc.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be revoked.grc.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Vivaldi stopped the connection before any data was exchanged.

You cannot visit revoked.grc.com right now because this certificate has been revoked. Network errors and attacks are usually temporary, so this page will probably work later.

Isildur

@3Phase:

Cyrano,

Vivaldi warned, blocked and refused to load or offer any way to load GRC's page. The only thing I can think of that would be stronger would be if the browser reached out and slapped me up side of the head and knocked my hands off of the keyboard.

Hmm, Vivaldi blocked it on Windows, but on Linux and OS X, installations of Vivaldi passed me through to revoked.grc.com

skaboy71

@isildur said in SSL/TLS security certificate:

revoked.grc.com

Can we PLEASE get a setting to allow for self-signed certs on my local-network servers?

DoctorG

@skaboy71 You can add a correctly (self-)signed certificate to certificate store of your OS and it works with Vivaldi.
Or you create your own CA certificate and add it to certificate store of your OS.
Or you type blindly thisisunsafe when a error page about wrong certificate comes up, the you can proceed.

skaboy71

Yes. I'm aware of this but ............ it would really be nice to be able to add an IP address or my internal lan subnet and say "ignore ssl issues w these"

DoctorG

@skaboy71 said in SSL/TLS security certificate:

Yes. I'm aware of this but ............ it would really be nice to be able to add an IP address or my internal lan subnet and say "ignore ssl issues w these"

If Chromium would adds this as e exception setting, you could get it in Vivaldi. Report it for Chromium core to Chromium bug tracker. Vivaldi can not add this at this time.

sidradi

This post is deleted!

sidradi

This post is deleted!