Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Cari Bantuan

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Pelajari Lebih Lanjut
Utas ini sudah ditutup dan diarsipkan. Silakan membuat pertanyaan baru jika Anda membutuhkan bantuan.
Dikunci Diarsipkan

Why does Firefox makes an http request to ietf.org even when in HTTPS-only mode? (OCSP related)

Firefox Privasi dan keamanan
jscher2000 -... replied
SuMo Bot
SuMo Bot

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org.

details:

  • HTTPS-only mode on, OCSP on:
  • go to http://ietf.org/
  • requests are made to:

ocsp.starfieldtech.com ietf.org ocsp.digicert.com

  • HTTPS-only mode on, OCSP on:
  • go to https://ietf.org/
  • requests are only made to:

ocsp.starfieldtech.com ocsp.digicert.com

why is this? (Firefox 103 on macOS 10.15)

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org. details: * HTTPS-only mode on, OCSP on: * go to '''http'''://ietf.org/ * requests are made to: ocsp.starfieldtech.com ietf.org ocsp.digicert.com * HTTPS-only mode on, OCSP on: * go to '''https'''://ietf.org/ * requests are only made to: ocsp.starfieldtech.com ocsp.digicert.com why is this? (Firefox 103 on macOS 10.15)

Semua Balasan (2)

SuMo Bot
SuMo Bot Pemilik pertanyaan

(ignore this post)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer

The server at http://ietf.org returns a 302 redirect to https://www.ietf.org/ so I'm not sure whether HTTPS-Only causes anything different to happen there.

There probably is a diagram somewhere showing the exact request flow for HTTPS-Only mode and whatever implications OCSP might have.

SuMo Bot
SuMo Bot Pemilik pertanyaan

This question has been locked because the original author has deleted their account. While you can no longer post new replies, the existing content remains available for reference.