Mac users listen up! Enable certificate checking

Mac users listen up! Enable certificate checking.

Do it now. It will take you a minute if you’re slow, and there’s no downside to speak of:

The only downside to this extra checking is possibly a slight delay to perform the request the first time you go to a web site and when the cache expires. This should be less overhead than downloading a small image, so I’m not worrying about it.

I am very surprised that OCSP (online certificate status protocol) hasn’t been enabled by default in every version of OS X and Safari ever. I’m also surprised at how weak and uninformative the warning from Safari is.

(Via O’Reilly Radar’s Four Short Links today.)