Hacker News new | ask | show | jobs
by marcinzm 2605 days ago
Where does it say that? The link says they centrally manage revocations using OneCRL and then push a single revocation list to browsers (independent of browser updates). Which means they can revoke any certificate they want using that mechanism.
1 comments
crehn 2604 days ago
Ah, you're correct. Seems they skip CA CRL/OCSP in favor of their own CRL. Thanks for the correction.
link