On 07/10/16 04:21, Peter Gutmann wrote: > That still doesn't necessarily answer the question, Google have their CRLSets > but they're more ineffective than effective in dealing with revocations > (according to GRC, they're 98% ineffective, > https://www.grc.com/revocation/crlsets.htm).
That statistic assumes that all revocations are equal, which is clearly not true. A revoked cert for www.google.com is orders of magnitude more important to Chrome users than one for www.gerv.net. Gerv _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
