Could have just kept using OSCP stapling
Basically OCSP stapling (more specifically must-staple) is isomorphic to short-lived certificates.
OSCP enables every website someone visits to be tracked; see https://news.ycombinator.com/item?id=46290033
OSCP stapling (which OP mentions) is supposed to fix that though.
Basically OCSP stapling (more specifically must-staple) is isomorphic to short-lived certificates.
OSCP enables every website someone visits to be tracked; see https://news.ycombinator.com/item?id=46290033
OSCP stapling (which OP mentions) is supposed to fix that though.