Linux and Tech News

2171 readers

16 users here now

This is where all the News about Linux and Linux adjacent things goes. We'll use some of the articles here for the show! You can watch or listen at:

You can also get involved at our forum here on Lemmy:

User Space Forum

Or just get the most recent episode of the show here:

The Show

founded 2 years ago

MODERATORS

leo@lemmy.linuxuserspace.show

Fast, private and secure (pick three): Introducing CRLite in Firefox (blog.mozilla.org)

submitted 5 days ago by leo@lemmy.linuxuserspace.show to c/news@lemmy.linuxuserspace.show

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] Cris_Color@lemmy.world 4 points 5 days ago (1 children)

I don't really understand it, but sounds like a nifty advancement!

[–] Boris_NotTooBadinoff@lemmy.world 4 points 5 days ago

Basically if a site's ssl certificate has been revoked by a Certificate Authority (due to fraud, shenanigans, etc...) Firefox will maintain a local list (~300kb) of all revoked certs. This way, if you visit a site with a revoked cert it will appear as untrustworthy

My hope is this stops, or slows, the shortening of certificate lifetimes. Currently the longest cert you can purchase is a 1 year cert, and google and apple are trying to force 90day, and in 2029 47 day lifetime certs. This is a headache for devices that need certs, but where cert renewals cannot be automated