Oddbean new post about | logout
anonymous | 1 months ago (raw) | root | parent | reply | flag +1 
 Sure, but that means we agree on that the dns methods themselves aren't a problem. I wadn't sure about that.
Have you considered the OCSP queries? Given that we all want https on all servers, now suddenly we need to query for certificate validity in every connection. 😋
Firefox allows you to use CRLite but it has to be enabled.
anonymous | 1 months ago (raw) | root | parent | reply | flag 
 (As a side-note: maybe not every connection. I haven't looked into when it is exactly invoked.)