Thor Lancelot Simon <t...@rek.tjls.com> writes: >If you want to see a PKI tragedy in the making, have a look at the CRLs used >by the US DoD.
Only "in the making"? Actually it's all relative, in Japan the Docomo folks turned off CRLs because they found that even a relatively modest CRL (not just the DoD monsters) presented a nice DoS when sent over cellular data links. What happened was that as the CRLs grew, performance got worse and worse as the phone downloaded the CRL. It took them quite some time to diagnose that they were being DoS'd by their own PKI. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com