| ▲ | CRLite: Certificate Revocation Checking in Firefox(hacks.mozilla.org) | |||||||
| 71 points by TangerineDream 2 days ago | 5 comments | ||||||||
| ▲ | remram 2 days ago | parent | next [-] | |||||||
Is there some high-level overview of this "cascade of Ribbon filters" data structure? I understand bloom filters, but couldn't get any intuition for this one from FB's blog post. edit: found an overview here that helps a bit: https://news.ycombinator.com/item?id=27800788 This seems good but will take more time to absorb: https://pangyoalto.com/en/ribbon-filter/ | ||||||||
| ▲ | coffee-- 2 days ago | parent | prev | next [-] | |||||||
The Github repo for the backend implementation is here: https://github.com/mozilla/crlite/ Notably, you can query CRLite from the CLI using https://github.com/mozilla/crlite/tree/main/rust-query-crlit... - like: $ git clone https://github.com/mozilla/crlite.git $ cd crlite/rust-query-crlite/ $ cargo run -- -vv --update prod https github.com INFO - Loaded 21 CRLite filter(s), most recent was downloaded: 0 hours ago DEBUG - Loaded certificate from github.com DEBUG - Issuer DN: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo ECC Domain Validation Secure Server CA DEBUG - Subject DN: CN=github.com DEBUG - Serial number: 00ab6686b5627be80596821330128649f5 DEBUG - Issuer SPKI hash: 6YBE8kK4d5J1qu1wEjyoKqzEIvyRY5HyM_NB2wKdcZo= TRACE - 20250809-1-default.filter: Good TRACE - 20250810-0-default.filter.delta: Good TRACE - 20250810-1-default.filter.delta: Good TRACE - 20250811-0-default.filter.delta: Good TRACE - 20250811-1-default.filter.delta: Good TRACE - 20250812-0-default.filter.delta: Good TRACE - 20250812-1-default.filter.delta: Good TRACE - 20250813-0-default.filter.delta: Good TRACE - 20250813-1-default.filter.delta: Good TRACE - 20250814-0-default.filter.delta: Good TRACE - 20250814-1-default.filter.delta: Good TRACE - 20250815-0-default.filter.delta: Good TRACE - 20250815-1-default.filter.delta: Good TRACE - 20250816-0-default.filter.delta: Good TRACE - 20250816-1-default.filter.delta: Good TRACE - 20250817-0-default.filter.delta: Good TRACE - 20250817-1-default.filter.delta: Good TRACE - 20250818-0-default.filter.delta: Good TRACE - 20250818-1-default.filter.delta: Good TRACE - 20250819-0-default.filter.delta: Good TRACE - 20250819-1-default.filter.delta: Good INFO - github.com Good | ||||||||
| ▲ | dochtman 2 days ago | parent | prev | next [-] | |||||||
CRLite is awesome, and it deserves more usage; notably most non-browser clients on Linux machines don’t get any revocation handling at all. | ||||||||
| ||||||||
| ▲ | pentamassiv 2 days ago | parent | prev [-] | |||||||
CRLite sounds like an elegant solution. Are there reasons why Chrome is not implementing it or do they just have other priorities? | ||||||||