My response to a recent post suggesting short-lived certificates were intended to remove the need to do revocation seems to have spurred a response from its author. The thesis of the latest response is that: Revocation can easily handle “key compromise” situation and do so by offering more security than short-lived certs. The largest problem … Continue reading It is my turn, or short-lived certificates part 2