Fast, private and secure (pick three): Introducing CRLite in Firefox
Submitted 3 days ago by leo@lemmy.linuxuserspace.show to news@lemmy.linuxuserspace.show
https://blog.mozilla.org/en/firefox/crlite/
Submitted 3 days ago by leo@lemmy.linuxuserspace.show to news@lemmy.linuxuserspace.show
https://blog.mozilla.org/en/firefox/crlite/
Cris_Color@lemmy.world 3 days ago
I don’t really understand it, but sounds like a nifty advancement!
Boris_NotTooBadinoff@lemmy.world 3 days ago
Basically if a site’s ssl certificate has been revoked by a Certificate Authority (due to fraud, shenanigans, etc…) Firefox will maintain a local list (~300kb) of all revoked certs. This way, if you visit a site with a revoked cert it will appear as untrustworthy
My hope is this stops, or slows, the shortening of certificate lifetimes. Currently the longest cert you can purchase is a 1 year cert, and google and apple are trying to force 90day, and in 2029 47 day lifetime certs. This is a headache for devices that need certs, but where cert renewals cannot be automated