Nelson, I know that there are other methods of revocation checking as CRL but I also read (and I may be wrong) the OCSP is the basically the "new" method so I have focused my attentions to this.
Anyway the message behind my post was: the user should have the assurance that a SSL connection should be safety. The closed padlock is misleading as the browser, to set it, doesn't take consideration about all the security aspects, as the revocation checking info. The problem is that every typical user only knows about the padlock and so his security perception is altered.
I also think that if developed as an extension, this last should be enabled by default: for example a simple icon (for example green if ok or red if ko), about revocation checking info, near the padlock should be, for me, a good solution. The user should be driven to consider that right, or better, the secure, combination about the two icons.
Nelson, I know that there are other methods of revocation checking as CRL but I also read (and I may be wrong) the OCSP is the basically the "new" method so I have focused my attentions to this.
Anyway the message behind my post was: the user should have the assurance that a SSL connection should be safety. The closed padlock is misleading as the browser, to set it, doesn't take consideration about all the security aspects, as the revocation checking info. The problem is that every typical user only knows about the padlock and so his security perception is altered.
I also think that if developed as an extension, this last should be enabled by default: for example a simple icon (for example green if ok or red if ko), about revocation checking info, near the padlock should be, for me, a good solution. The user should be driven to consider that right, or better, the secure, combination about the two icons.