Letsencrypt/警告/ssl.comについて、ここに記述してください。
https://twitter.com/beyondDNS/status/1488761403657768960?s=20&t=iBgTon7X_y7tlkwufHK-IQ
https://www.ssl.com/article/page-load-optimization-ocsp-stapling/
https://www.ssl.com/blogs/how-do-browsers-handle-revoked-ssl-tls-certificates/
Mozilla Firefox Apple Safari Microsoft Edge Variation Between Browsers
Conclusion
The results appear to indicate that revocation is still a problematic issue for desktop web browsers (mobile devices represent a whole different world, but that’s a topic for another article).
Google Chrome
Chrome relies on CRLSets for revocation checking. A CRLSet is simply a list of revoked certificates which is pushed to the browser as a software update. According to the Chromium Projects website, the processes by which Google generates CRLSets are proprietary, but also that
- CRLSets… are primarily a means by which Chrome can quickly block certificates in emergency situations. As a secondary function they can also contain some number of non-emergency revocations. These latter revocations are obtained by crawling CRLs published by CAs.