Changes

Mozilla is [https://bugzilla.mozilla.org/show_bug.cgi?id=1429800 currently ] (as of early 2019) preparing to test an out-of-band revocation mechanism based on an [https://mislove.org/publications/CRLite-Oakland.pdf academic paper] titled “CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers”. In this mechanism, Mozilla produces a highly compressed representation of all trusted, non-expired certificates found in Certificate Transparency (CT) logs and their revocation status as asserted by the corresponding CRL. CRLite updates are delivered to the client using the same mechanism as OneCRL.

[[CA/History of Revocation Checking|A partial history of changes made to Firefox as of March 2017 in support of better revocation checking has been preserved.]]