[kevinoconnor7]

Just to play devil's advocate, maintaining a CRL is quite expensive. Cloudflare detailed those costs here: https://blog.cloudflare.com/the-hard-costs-of-heartbleed/

Let's Encrypt avoided this by partnering with Akamai. Though StartCom really should have made an exception for Heartbleed.