On 27 March 2015 at 19:14, Rich Freeman <ri...@gentoo.org> wrote: > > StartSSL in fact refuses to revoke certificates even when people > publish their private keys publicly. If you buy a previously-used > domain you might want to make sure that there isn't a StartSSL > certificate floating around for it which is still valid...
Uh? They don't do it for free, but they do revoke certificate if you pay for it. xine-project.org has a revoked cert from last year due to heartbleed. Diego Elio Pettenò — Flameeyes https://blog.flameeyes.eu/
