On CRLs, OCSP, and a Short Review of Why Revocation Checking Doesn't Work (for Browsers)

Today I am going to talk about some regulation details of SSL/TLS connections. These connections rely on a chain of trust. This chain of trust is established by certificate authorities (CAs), which serve as trust anchors to verify the validity of who a device thinks it is talking to …

more ...