Today, feb,13;2025, at about 10h UTC I experienced wired certificate errors with this forum using torbrowser. Maybe it was down for maintainance or there was an MITM incident, who knows…
correct, thanks for the update
1 Like
Did you save the error message?
2 Likes
did not do.
I think it is a problem with my machine. The Problem also disappeared, the NSA found nothing of value here 
Just wanted to know if others had problems to access the forum.
1 Like
Forensic freeze needed!
I guess, my browser and/or net-vm has been hacked.
Do we have a means to freeze and clone a running qube for forensics purposes?
Would be good to share a frozen hacked net-vm for research purposes.
Cloning works just with stopped qubes guests.
Virtualbox can freeze a running VM.
Any ideas to do this in qubes, freeze and share e.g. the non-template part of a vm.
1 Like
I experienced it too.
Firefox was responding with MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING.
Setting security.ssl.enable_oscp_stapling to False in about:config allowed me to access the site again, but it’s not ideal…
3 Likes
OCSP is a mess. Difficult to implement server side. Speaking from experience.
The days of OCSP might be counted. References:
Dev/About Infrastructure - Kicksecure chapter OCSP
And even the threat model of OCSP / revocation is rather obscure. If a server gets compromised, and if the server operator notices and goes through the revocation process, then the user will benefit from it as soon as the revocation mechanism has been used. Not a bad thing but at least a limited damage control.
In short: I wouldn’t worry.
3 Likes
Yes, I remember the error was about ocsp and firefox of torbrowser brought some messy explanations.
1 Like