New blog post: Post-OCSP certificate revocation in the Web PKI.
With OCSP in all forms going away, I decided to look at the history and possible futures of certificate revocation in the Web PKI. I also threw in some of my own proposals to work alongside existing ones.
I think this is the most comprehensive current look at certificate revocation right now.
#security #WebPKI #LetsEncrypt #TLS #OCSP
Seirdy /
npub1x6…nkc4r
2024-09-25 15:34:29
Author Public Key
npub1x6806glfhj6qn27r96q8payaw7hggx3clmz9knrz6vg949lfu5qqdnkc4rSeen on
wss://relay.nostr.bandPublished at
2024-09-25 15:34:29Event JSON
{
"id": "3f5416023423079b7b9a75fd97c642095698d021d1c3eab7440e445fd8b8b9bc",
"pubkey": "368efd23e9bcb409abc32e8070f49d77ae841a38fec45b4c62d3105a97e9e500",
"created_at": 1727278469,
"kind": 1,
"tags": [
[
"t",
"letsencrypt"
],
[
"t",
"ocsp"
],
[
"t",
"tls"
],
[
"t",
"webpki"
],
[
"t",
"security"
],
[
"proxy",
"https://pleroma.envs.net/objects/4371b456-e37f-487f-886d-8b4fd7b705c2",
"activitypub"
]
],
"content": "New blog post: Post-OCSP certificate revocation in the Web PKI.\n\nWith OCSP in all forms going away, I decided to look at the history and possible futures of certificate revocation in the Web PKI. I also threw in some of my own proposals to work alongside existing ones.\n\nI think this is the most comprehensive current look at certificate revocation right now.\n\n #security #WebPKI #LetsEncrypt #TLS #OCSP",
"sig": "548cfcd44c3b80c9a75bfbb2c787144ad81e61a20eccab81e935f59261dcc1c89cddfd4c73ff4c33b526d21ea6dd88e4726f2de671539c57aef9ca18cccbf5b1"
}