Removal of "Revocation Lists" feature (Options -> Advanced -> Revocation Lists)
dolske at mozilla.com
Wed May 1 18:42:50 UTC 2013
On 4/30/13 2:28 PM, Brian Smith wrote:
> The "Revocation Lists" feature allows a user to configure Firefox to
> poll the CAs server on a regular interval. As far as I know, Firefox
> is the only browser to have such a feature. Other browser either
> ignore CRLs completely or download CRLs on an "as needed" basis based
> on a URL embedded in the certificate.
That would be OCSP?
It sounds to me like this is a crufty old feature that isn't enabled by
default, isn't aligned with the direction SSL is evolving, and isn't
something anyone else does (and not in a "great feature unique to
Firefox" way). So I'd have no objection to removing it.
More information about the firefox-dev