Bleeping Computer

DigiCert to delay cert revocations for critical infrastructure

DigiCert urges critical infrastructure operators to request a delay if they cannot reissue their certificates, as required by an ongoing certificate mass-revocation process announced on Tuesday. The ...
ZDNet

Chrome does certificate revocation better

Everyone's talking about it: The Great Certificate Revocation Storm of 2014. Because of the Heartbleed bug, a very large number of SSL/TLS web sites need to revoke and reissue their certificates. The ...
CSOonline

Chrome turns its back on security standard

I’m still trying to wrap my head around Google’s surprising revelation (in Google engineer Adam Langley’s blog) that it will disable online certificate revocation checking in a future version of the ...
Ars Technica

HTTPS Certificate Revocation is broken, and it’s time for some new tools

This article was originally published on Scott Helme's blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as ...
Dark Reading

Solving The SSL Certificate-Revocation Checking Shortfall

RSA CONFERENCE 2012 -- San Francisco, Calif. -- The way that browsers perform SSL certificate-revocation checking is so fundamentally flawed that some browser vendors have turned it off altogether, ...
CSOonline

The sorry state of certificate revocation

Certificates need to be revoked for all sorts of reasons, but the process is so slipshod, some propose an entirely new system. Why not just enforce existing rules instead? As much as I love public key ...