Felipe Gasper <[email protected]> writes: >It begs the question … how relevant is certificate revocation nowadays? How >big of a problem is it if TLS validity checks ignore it?
Given that mbedTLS is unlikely to be used in public web servers, which means in turn it's unlikely to be used with certificates issued by public CAs, the issue of revocation probably won't crop up - you just use whatever trust mechanism was used to set up the initial cert to set up its replacement. Peter. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
