|
|
|
|
|
|
by alanfranz
252 days ago
|
|
|
One thing the article doesn’t mention is that a lot of certs are revoked for purely admin reasons. CeasedOperations seems to be the case for Flair - nothing bad happened to the key, but the cert was revoked nevertheless. This seems to be a common practice for some CAs or companies, but it’s not required AFAICT; and it contributes to the gigantic CRLsets that we have - most of those revocations wouldn’t actually be needed from a security pov. |
|
|