[new23d]

We collected some data [1] on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [2].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41058138 [2] https://news.ycombinator.com/item?id=41046956