Michael Ströder wrote:
Nelson B Bolyard wrote:
<snip>
Does this CA also implement OCSP? Can we justify this on the grounds
that we do implement OCSP, and that OCSP will effectively displace CRLs
as the preferred revocation channel?
I'd say no. Use of OCSP should not be made mandantory.
I agree, especially for the non-EV case. Use of CRLs is going to
continue to be widespread for some time to come, so I think we really
have no choice but to invest in better CRL support (including putting
Mozilla funding into this if needed).
Frank
--
Frank Hecker
hec...@mozillafoundation.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
