We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why does Firefox makes an http request to ietf.org even when in HTTPS-only mode? (OCSP related)

more options

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org.

details:

  • HTTPS-only mode on, OCSP on:
  • go to http://ietf.org/
  • requests are made to:

ocsp.starfieldtech.com ietf.org ocsp.digicert.com

  • HTTPS-only mode on, OCSP on:
  • go to https://ietf.org/
  • requests are only made to:

ocsp.starfieldtech.com ocsp.digicert.com

why is this? (Firefox 103 on macOS 10.15)

When in HTTPS-only mode and the "Query OCSP responder servers" settings is enabled, Firefox makes an http request on port 80 to ietf.org. details: * HTTPS-only mode on, OCSP on: * go to '''http'''://ietf.org/ * requests are made to: ocsp.starfieldtech.com ietf.org ocsp.digicert.com * HTTPS-only mode on, OCSP on: * go to '''https'''://ietf.org/ * requests are only made to: ocsp.starfieldtech.com ocsp.digicert.com why is this? (Firefox 103 on macOS 10.15)

All Replies (2)

more options

(ignore this post)

Modified by n0u355lo

more options

The server at http://ietf.org returns a 302 redirect to https://www.ietf.org/ so I'm not sure whether HTTPS-Only causes anything different to happen there.

There probably is a diagram somewhere showing the exact request flow for HTTPS-Only mode and whatever implications OCSP might have.