This applies to a late 2012 MacBook Pro running OS X 10.8.x (fully patched): $ uname -a Darwin riemann.home.pvt 12.2.0 Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64 x86_64 Safari version is 6.0.2 (8536.26.17). I don't see how to get the underlying version of WebKit. When I revoked trust on some Valicert certificates, I had problems visiting OWASP. Unfortunately, Safari did not display Valicert in the chain, and Safari displayed the chain as good even though it prompted me that "Safari cannot determine the identity of the site www.owasp.org. A full description with screen captures (including a truncated OpenSSL s_client fetch) is available at http://serverfault.com/questions/460527/apple-valicert-godaddy-safari-webkit-and-certificate-trust.
My apologies for not moving the images to WebKit.org. Its easier to understand the narrative with inline pictures. In this respect, Stack Exchange provides a very good quorum.
<rdar://problem/12944691>
Moving to RESOLVED/INVALID since this doesn't appear to be an issue with WebKit. The issue will be tracked by <rdar://problem/12944691> going forward.