[nickf]

What non-HTTP services need publicly-trusted certificates and care about revocation?

[formerly_proven]

mail

[nickf]

Like SMTP/IMAP etc? That would make sense, though I'm not sure how much revocation checking even happens there.

[eqvinox]

OCSP stapling: free feature of TLS library, works

OCSP must-staple: free feature of TLS library, works

plain OCSP: hit & miss, depends on the client software using the TLS library correctly

CRL: no.

… that's the crux of this entire thread.