@BattleSpectre: Yes, they're security procedures that are there for a reason, primarily for the sake of ensuring that secure (socket layer) connections are to the places that they say they are - this is especially important for things like online banking, but also for any other credential entries such as username and passwords. In this particular case it should be fine, the issue (re-)appeared due to intermediate certificate(s) being missing from the chain after they moved over to new load balancers - all you're doing by disabling the check is ignoring the revocation notice for the cert and entering the site anyway. For sites you're certain you can trust (including their security) that's fine, but the OCSP checks should definitely be re-enabled afterwards, especially if you're sending any particularly sensitive information like card details.
That said, the OCSP/CRL checks can soft-fail and not warn you for the vast majority of browsers as well, allowing the checks to not actually occur at times and allow you to visit sites with potentially invalid certificates..the primary exception to this being sites that use EV (Extended Validation) - if the OCSP server check fails in such cases it's normally assumed that it's invalid and will prevent access; as such most online banking sites and other monetary transaction sites such as stores will use EV certs whenever card details need to be added to ensure they are actually secure. Google's CRLSets method also gives EV certs particular notice because of this, though I'd still advise enabling normal OSCP checks in Chrome if you want to be extra safe - CRLSets relies on Google's crawlers to update and as such has additional delays that more standard methods don't have.
Long Story short: it'd be best to disable said revocation check only temporarily while logging in and then re-enable it afterwards, as outside of the few https pages on GS the check being enabled won't cause any issues with the site anyway and it's a security risk whenever sensitive data has to be sent over the internet.
You can also simply keep the *.gamespot.com cookies to avoid being logged out for a while. You may wish to change your password after this is fully resolved as a just-in-case security precaution too.
Log in to comment