On Mon, Aug 4, 2014 at 12:12 AM, Jeremy Rowley
<jeremy.row...@digicert.com> wrote:
> Why does OneCRL seem like a hack?  Considering how infrequently intermediates 
> and roots are revoked, OneCRL seems like a satisfactory way to provide this 
> information long-term, provided that the certs are removed from OneCRL at 
> some point.  I'd think they could safely remove the OneCRL certs after the 
> listed cert expires.  For EE, OneCRL is only necessary where the other 
> methods of revocation are considered insufficient.  If hard-fail OCSP is 
> turned on (the last point), then OneCRL for EE certs becomes obsolete.

Hack or not, it's very important to check revocation there.

We don't have armed guards at the data centers, and if we did, any
attacker could easily come with more.

The only viable defense here is to make sure that what is being
guarded is not worth taking. ATMs are protected the same way - with a
dye-pack that explodes on the cash if someone attempts to remove the
cartridge.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy