Comment on Decreasing Certificate Lifetimes to 45 Days
mbirth@lemmy.ml 1 week agoThe point is, if the certificate gets stolen, there’s no GOOD mechanism for marking it bad.
That’s what OCSP is for. Only Google isn’t playing along as per that wiki entry.
KairuByte@lemmy.dbzer0.com 1 week ago
I mean, are you intending to retroactively add SSL to every tool implementing SSL in the past few decades?…
Browsers aren’t the only thing that ingress SSL.
mbirth@lemmy.ml 1 week ago
Then there’s the older way of checking CRLs which any tool of the past few decades should support.