From 6348826519ad139d72a5fee90f1c7f695b94ccb4 Mon Sep 17 00:00:00 2001
From: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Sat, 8 Jul 2017 05:12:52 +1200
Subject: [PATCH] 1212: turn on OCSP

---
 user.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/user.js b/user.js
index 1d48310..8b65eec 100644
--- a/user.js
+++ b/user.js
@@ -647,10 +647,9 @@ user_pref("security.ssl.enable_ocsp_stapling", true);
 user_pref("security.OCSP.enabled", 1);
 /* 1212: enable OCSP revocation. When a CA cannot be reached to validate a cert, Firefox currently
  * continues the connection. With OCSP revocation, Firefox terminates the connection instead.
- * [WARNING] Since FF44 the default is false. If set to true, this may/will cause some
- * site breakage. Some users have previously mentioned issues with youtube, microsoft etc
+ * [WARNING] Since FF44 the default is false. If set to true, this will cause some site breakage
  * [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ ***/
-   // user_pref("security.OCSP.require", true);
+user_pref("security.OCSP.require", true);
 /** CERTS / HSTS (HTTP Strict Transport Security) / HPKP (HTTP Public Key Pinning) ***/
 /* 1220: disable Windows 8.1's Microsoft Family Safety cert [WINDOWS] (FF50+)
  * 0=disable detecting Family Safety mode and importing the root