Hmm does ntpsec only test their website with Chrome? Firefox says "Secure Connection Failed ... The OCSP server suggests trying again later." I guess that's one of the reasons Chrome TLS devs say online (looked-up on-demand) certificate revocation is useless.