On Fri, Jan 2, 2009 at 5:44 PM, <valdis.kletni...@vt.edu> wrote: > Hmm... so basically all deployed FireFox and IE either don't even try to do > a CRL, or they ask the dodgy certificate "Who can I ask if you're dodgy?"
Hmm. Don't the shipped-with-the-browser trusted root certificates include a CRL URL?