Gervase Markham wrote: > On 07/10/16 04:21, Peter Gutmann wrote: >> That still doesn't necessarily answer the question, Google have their CRLSets >> but they're more ineffective than effective in dealing with revocations >> (according to GRC, they're 98% ineffective, >> https://www.grc.com/revocation/crlsets.htm). > > That statistic assumes that all revocations are equal, which is clearly > not true. A revoked cert for www.google.com is orders of magnitude more > important to Chrome users than one for www.gerv.net.
Which "Chrome users"? Sure there are some users (at least me) for which my domains are "high-value domains" and much more important than the Google domains. Ciao, Michael. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
