Would it be feasible for Mozilla to maintain a CRL-like that sidesteps the need for the CA to revoke a cert?
This way if a CA is behaving badly the certificate still gets invalidated.
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy

