PC World

The Decision to Strip Online Certificate Revocation Checks From Chrome Is Misguided, Symantec Says

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...
Ars Technica

Two-tier OpenSSL PKI: how to revoke IntermediateCA when RootCA is airgapped?

I'm trying to set up a basic OpenSSL two-tier PKI but I'm not understanding how CRLs work in an airgapped RootCA; how can I revoke an IntermediateCA in a way that everyone knows it has been revoked?
Finextra

Data security in fintech: from TLS to ALE

Recently, after reading a great engineering blog post on OCSP and CRL verifiers in Go, and after further discussion in the community, I’ve got an insight that made me really gloomy. Mass of projects ...
InfoWorld

Symantec: Stripping online certificate revocation checks from Chrome is misguided

Stripping OCSP (Online Certificate Status Protocol) and CRL (certificate revocation list) checks from Google Chrome could have dangerous implications because it will turn Google into a single point of ...
Network World

Fitting OCSP into your Certificate Infrastructure

X.509 Digital certificates are used in a variety of security protocols to provide identity management. X.509 Digital certificates are used in a variety of security protocols to provide identity ...
heise online

Schedule published: Let's Encrypt abolishes OCSP certificate verification

Let's Encrypt, the largest certification authority with over 387 million valid certificates, is moving away from the Online Certificate Status Protocol (OCSP). The CA (Certificate Authority) has now ...