On Sat, Mar 28, 2020 at 07:11:43PM +1100, Matt Palmer wrote: > In concert with my (human-mediated) revocation notifications, I have been > sending semi-automated revocation requests to Let's Encrypt, using the ACME > protocol. This has been extremely smooth and straightforward, and my life > -- and, I presume, the lives of the staff at the CAs I've reported > revocations to -- would be a lot easier if every CA had an equivalent > facility available. I think this is so useful, in fact, that I have started > coding a program capable of receiving key compromise revocations and > forwarding them via e-mail, which will be released as open source when it is > in a fit state for deployment.
A follow-up to this part of my musings: I got a rush of the blood to the head over the weekend, and an initial release of this software is now available from https://github.com/tobermorytech/acmevoke. - Matt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy