On Fri, Apr 11, 2014 at 07:02:53PM -0400, grarpamp wrote:
On Fri, Apr 11, 2014 at 10:43 AM, rysiek <rysiek@hackerspace.pl> wrote:
Dnia piÄ…tek, 11 kwietnia 2014 16:32:44 Georgi Guninski pisze:
Is there a significant rise of revoked certs caused by HB paranoia?
No idea, but we're considering revoking ours.
As to ocsp/crl revocation, haven't looked (depending on application, getting the cert swapped out is more important anyway). But those of us who pin down certs instead of trusting CA's have been doing quite a bit of reconfiguring this week due to upstream certs being swapped out.
Well, g00gle have strange cert policy: Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2 Validity Not Before: Apr 2 16:00:48 2014 GMT Not After : Jul 1 00:00:00 2014 GMT The visible ASCII structure in the big cert almost sure comes from the ALT names :(