Removal of "Revocation Lists" feature (Options -> Advanced -> Revocation Lists)

Justin Dolske dolske at mozilla.com
Wed May 1 18:42:50 UTC 2013


On 4/30/13 2:28 PM, Brian Smith wrote:

> The "Revocation Lists" feature allows a user to configure Firefox to
> poll the CAs server on a regular interval. As far as I know, Firefox
> is the only browser to have such a feature. Other browser either
> ignore CRLs completely or download CRLs on an "as needed" basis based
> on a URL embedded in the certificate.

That would be OCSP?

It sounds to me like this is a crufty old feature that isn't enabled by 
default, isn't aligned with the direction SSL is evolving, and isn't 
something anyone else does (and not in a "great feature unique to 
Firefox" way). So I'd have no objection to removing it.

Justin



More information about the firefox-dev mailing list