[bauer]

Thanks for the clarification. I was wondering if antivirus vendors would be removing superfish. I'm also curious what the process would be for revoking the root CA centrally. Is that something only the superfish vendor could do? Would anyone knowledgeable about this care to enlighten me?

[duskwuff]

Revoking a certificate requires it to have been created with a functional CRL / OCSP configuration. This isn't the case here; there's no way to revoke the CA short of uninstalling it from every machine it's present on.