Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I just tried https://sci-hub.tw/ (Chrome) and got a secure connection without warnings. Since the issuer of the certificate that my browser showed for the connection is "Comodo" I guess the revocation didn't reach my browser yet?

EDIT:

IE and Firefox say "insecure".

What really annoys me: There does not seem to be any way - none that I could find - to get IE and Firefox to connect anyway?



AFAIK Chrome doesn't check the CA revocation lists (but instead an aggregation of them by Google), so it doesn't know yet the cert is "bad".


On sci-hub.hk I get a non-SSL connection, if I try the 'trick' of http://journal_name.springer.com.sci-hub.hk/path/to?article I get the revoked SSL certificate

Firefox 59


There does not seem to be any way - none that I could find - to get IE and Firefox to connect anyway?

In Firefox, I think you can only by disabling the check (Preferences → Advanced → Certificates → Query OCSP ...). You probably don't want to keep that disabled, though.


It's fairly marginal, which is why it's switched off in Chrome. To get acceptable performance in the real world they have to soft fail. But that means most bad guys would just force it to fail and then it treats that as OK. So it's a seat-belt that snaps if there's a sudden impact. Not great.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: