|
|
|
|
|
|
by woodruffw
155 days ago
|
|
|
One of the ideas behind short-lived certificates is to put certificate lifetimes within the envelope of CRL efficacy, since CRLs themselves don’t scale well and are a significant source of operational challenges for CAs. This makes sense from a security perspective, insofar as you agree with the baseline position that revocations should always be honored in a timely manner. |
|
|