I have been informed off-list that the answer to my question is no, and asked to open a phabricator task to allow for fail-over alternate certificate utilization in the case of revocations via OCSP or revocation list-based revocation.
I am strongly in favor of doing so, but I don't know how to categorize such a task or the group to assign it to. Any ideas? On Sun, Jan 29, 2017 at 8:32 PM, James Salsman <[email protected]> wrote: > Are Foundation servers able to withstand Online Certificate Status > Protocol certificate revocations, such as might occur according to RFC > 5280 when a government agency declares a private key compromised > because of secret evidence? _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
