Certs don't validate when app is on Comcast's network


#1

We’ve had a couple people unable to validate their certs from the wallet app, but only when they are connected to their home networks. The only common factor we’ve been able to find is that they use Comcast as their ISP. They are able to validate when they connect to our campus VPN, or just turn off wifi and use their cell network.

Has anyone else seen this, or have any ideas what could be wrong?


#2

That’s interesting. Have you reproduced this in the blockcerts.org verifier as well? I see you mention the wallet app.

There’s three requests that need to have. 1 is a blockchain explorer, 1 is the issuer profile, and 1 is the revocation list on the issuer profile.

Not sure where your hosting the issuer profile / revocation list, but if you’re able to reproduce this with blockcerts.org verifying as well, it may be interesting to see if the hosting agent is blocking Comcast for whatever reason. If it’s only the mobile app, we’d need to investigate further what the app is doing different than the website.


#3

Does the blockcerts.org verifier do the verification steps on the client side? Our issuer profile and revocation list are hosted in AWS. The step that’s failing in the app is “Comparing computed hash with expected hash”


#4

Adding on… it’s not happening in the blockcerts.org verifier. We’ve had users try the in-app verifier (and fail), then try the blockcerts.org verifier (and pass). Thanks!


#5

I have had this issue come up with the Wallet and mobile browsers before, and it’s almost always in low bandwidth environments. I wonder what the actual bandwidth is on the Comcast network?