Security certificate revocation question pops up even though no changes made in MSIE.

I am using MS XP Pro, SP2. All Windows updates have been applied. I am using Norton AV 2005 and Zonealarm Pro. Again all updates have been applied. I have made no changes to the compter for a number of weeks and lately (in the last 2 weeks) I have been getting the "Revocation information for the secuity certificate for this site is not available. Do you want to proceed?" window popping up when I visit sites such as PayPal. I do not get the message every time I visit a secure website and I have received the message visiting both secure and non-secure websites.
The privacy control in Zonealarm is set to high for banner control and medium for cookie control. The secuity setting in MSIE is set to high for restricted sites, medium for the Internet.
I have run Ad-Aware, Spybot and XoftSpy to check for trojans and have found none.
Any ideas on what may be causing this to suddenly do this?

Kevin
kcbeckerAsked:
Who is Participating?
 
TolomirAdministratorCommented:
Here might be the solution:

http://support.microsoft.com/?scid=kb%3Ben-us%3B308087&x=20&y=12

SYMPTOMS
When you turn on the Check for server certificate revocation (requires restart) option in Internet Explorer, and then you visit a secure Web site for which the certificate revocation list distribution point (CDP) is unavailable, you get a message like:

> Revocation information for the security certificate for this site is not available.

> Do you want to proceed?

So the message is ok, though not very helpful, all it says is: The website has no link to a certification revocation list.
You enabled a setting in IE options, hiving you a hint, not all websites are setup properly ;-)

Tolomir


0
 
kcbeckerAuthor Commented:
I am using MSIE 6.0 on XP Pro. The link you pointed to is for MSIE 6.0 on windows 2000. I looked for "Check for server certificate revocation (requires restart)" and could not find it in the Internet Options/secuity, Internet Options/connections or Internet Options/privacy.
Is there another place to look to look for the" Check for server certificate revocation (requires restart)" ?
0
 
TolomirAdministratorCommented:
You are right, ok:

I found it in Internetoptions -> Advanced Settings -> Security -> Check for server certificate revocation (requires restart)

Tolomir
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
TolomirAdministratorCommented:
Internet Explorer Slow When Going to Secure Web Sites

Question: I notice that often when I go to secure (SSL) Web sites, it takes forever for the Web page to load. This doesn't happen on regular non-SSL Web sites. Is there anything I can do in Internet Explorer to speed things up? Thanks! -Ricky M.

Answer: It could be that the secure Web sites you're visiting haven't published their Certificate Revocation Lists (CRLs). This is a list that allows the browser to check whether the digital certificate used to secure the Web site has been revoked. While checking for server certificate revocation is a good security measure, it can slow down connections to smaller Web sites that don't publish their CRLs. Here's how to disable CRL checking:

Open Internet Explorer
Click the Tools menu and click Internet Options.
On the Internet Options dialog box, click the Advanced tab.
On the Advanced tab, scroll down the list until you find the Security group of options.
Remove the checkmark in the Check for server certificate revocation (requires restart) option.
Close Internet Explorer and open it again.

Tolomir
0
 
kcbeckerAuthor Commented:
I found the "Check for server certificate revocation (requires restart)". It's checked so I am assuming the problem (if there is one) is due to the site manager not keeping the CRL's up to date. I'll also assume that I am safe sticking to well known sites such as PayPal and when the message comes up it's OK to proceed.

Thanks for your help.
0
 
TolomirAdministratorCommented:
Yep,

I but would use a tool like spoofstick, to be sure, paypal is really paypal.com

http://www.corestreet.com/spoofstick/index.html

What is SpoofStick?
SpoofStick is a simple browser extension that helps users detect spoofed (fake) websites. A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places - hoping that some percentage of users won't notice the incorrect URL and give away important information. This practice is sometimes known as “phishing".

It's apart from frefox, available for IE too.

Tolomir
0
 
ddstylesCommented:
can someone suggest how the web manager (I manage a site that is having this issue) updates the CRL?
Much appreciated,  Duncan
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.