Comment on Decreasing Certificate Lifetimes to 45 Days
mbirth@lemmy.ml 1 month agoThe point is, if the certificate gets stolen, there’s no GOOD mechanism for marking it bad.
That’s what OCSP is for. Only Google isn’t playing along as per that wiki entry.
KairuByte@lemmy.dbzer0.com 1 month ago
I mean, are you intending to retroactively add SSL to every tool implementing SSL in the past few decades?…
Browsers aren’t the only thing that ingress SSL.
mbirth@lemmy.ml 1 month ago
Then there’s the older way of checking CRLs which any tool of the past few decades should support.