izar / pytm

A Pythonic framework for threat modeling
891 stars 168 forks

include certificate revocation #109

Closed nineinchnick closed 3 years ago

nineinchnick commented 3 years ago

Add a new attribute that represents whether certificate revocation is being checked, using OCSP or CRL files. Include it in the Interception and Content Spoofing threats, since if a cert gets revoked but clients still trust it, a MITM attack becomes possible, similar to when clients would not be verifying the server cert at all.

In Interception don't check for HTTP since isEncrypted should be false anyway.

In Content Spoofing don't check authorizesSource since it's about authenticating the destination, not authorization.
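As an added illustration of the idea in this PR (example code written for this page, not pytm's own implementation), the block below shows how a pytm-style threat library evaluates a string condition against each dataflow, and how a revocation-check attribute changes the findings. The attribute names `isEncrypted`, `authenticatesDestination` and `checksDestinationRevocation`, the threat ids, and the exact condition expressions are assumptions made for the example; the sample dataflows are constructed.

```python
"""Stand-in for pytm-style threat evaluation (example code, not pytm itself).

Attribute names and condition strings below are assumptions chosen to mirror
the PR description: Interception ignores the protocol (plaintext protocols
already leave isEncrypted false), and Content Spoofing looks only at
destination authentication, not source authorization.
"""
from dataclasses import dataclass


@dataclass
class Dataflow:
    name: str
    protocol: str = "HTTPS"
    isEncrypted: bool = True
    authenticatesDestination: bool = True
    authorizesSource: bool = True
    # Assumed attribute: does the client check the server certificate
    # against an OCSP responder or a CRL before trusting it?
    checksDestinationRevocation: bool = True


@dataclass
class Threat:
    sid: str
    description: str
    # Condition is a Python expression over `target`, in the style of
    # pytm's threat library; it is evaluated against each model element.
    condition: str

    def applies(self, target: Dataflow) -> bool:
        # No builtins are exposed to the expression; it only sees `target`.
        return bool(eval(self.condition, {"__builtins__": {}}, {"target": target}))


THREATS = [
    Threat(
        sid="INTERCEPTION",
        description="Traffic can be read or altered in transit",
        # Plaintext traffic, or encrypted traffic whose server certificate
        # could have been revoked without the client noticing. The protocol
        # is deliberately not consulted.
        condition="(not target.isEncrypted) or (not target.checksDestinationRevocation)",
    ),
    Threat(
        sid="CONTENT_SPOOFING",
        description="Client accepts content from an impersonated destination",
        # Destination authentication only; authorizesSource is not part of it.
        condition="(not target.authenticatesDestination) or (not target.checksDestinationRevocation)",
    ),
]


def find_threats(flows, threats=THREATS):
    """Return {flow name: sorted threat ids whose condition holds}."""
    return {f.name: sorted(t.sid for t in threats if t.applies(f)) for f in flows}


# Constructed sample flows for the example.
SAMPLE_FLOWS = [
    Dataflow("browser->api (plain)", protocol="HTTP", isEncrypted=False,
             authenticatesDestination=False, checksDestinationRevocation=False),
    # TLS with cert validation, but no OCSP/CRL check: a revoked cert is still trusted.
    Dataflow("browser->api (tls, no revocation check)", checksDestinationRevocation=False),
    # TLS with revocation checking: neither condition fires.
    Dataflow("browser->api (tls, revocation checked)"),
]

if __name__ == "__main__":
    for name, sids in find_threats(SAMPLE_FLOWS).items():
        print(f"{name}: {sids or 'no findings'}")
```

The second flow is the case the PR is about: encryption and destination authentication are on, yet both threats still apply because a revoked certificate would be accepted. Only the third flow, with revocation checking enabled, produces no findings.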