'We are announcing today our intention to end support for OCSP and deploy Certificate Revocation Lists (CRLs) as soon as possible,' Josh Aas, executive director and co-founder of Let's Encrypt, said ...

Recently, after reading a great engineering blog post on OCSP and CRL verifiers in Go, and after further discussion in the community, I’ve got an insight that made me really gloomy. Mass of projects ...

Let's Encrypt, the largest certification authority with over 387 million valid certificates, is moving away from the Online Certificate Status Protocol (OCSP). The CA (Certificate Authority) has now ...

This article was originally published on Scott Helme's blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as ...

I'm trying to set up a basic OpenSSL two-tier PKI but I'm not understanding how CRLs work in an airgapped RootCA; how can I revoke an IntermediateCA in a way that everyone knows it has been revoked?

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...

X.509 Digital certificates are used in a variety of security protocols to provide identity management. X.509 Digital certificates are used in a variety of security protocols to provide identity ...

Everyone's talking about it: The Great Certificate Revocation Storm of 2014. Because of the Heartbleed bug, a very large number of SSL/TLS web sites need to revoke and reissue their certificates. The ...

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...