> IMO putting OCSP or CRLs in public SSL certificates was never a > particularly good idea because the only likely case for a revocation > is when a CA fails to validate a customer. That has happened > but not often enough to motivate the building of new infrastructure.
Dont forget the sale of the domain or the server hacking. Revocation is needed in these cases. regards. Viktor _______________________________________________________________________ Ezt az e-mailt virus- es SPAM-szuresnek vetettuk ala a filter:mail MessageLabs rendszerrel. Tovabbi informacio: http://www.filtermax.hu This email has been scanned for viruses and SPAM by the filter:mail MessageLabs System. More information: http://www.filtermax.hu ________________________________________________________________________________________ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
