actually that's pretty close to where we're going with ever shorter certificate lifetimes...
Only because the browsers are enforcing shorter lifetimes. But you can’t force a premature expiration in case of a server compromise, which is what revocation is for.
Only because the browsers are enforcing shorter lifetimes. But you can’t force a premature expiration in case of a server compromise, which is what revocation is for.