<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <br>
    On 07/27/2012 09:53 PM, From Adam Langley:
    <blockquote
cite="mid:CAL9PXLyGzyP3dyU+zuEEFecYX-BuOjyqOWGga-VyGFNd+2VbBQ@mail.gmail.com"
      type="cite">
      <pre wrap="">I agree that in the event that the attacker is competent enough to
MITM with the leaked key, but dumb enough that they don't block OCSP
lookups, revocation does protect the user.
</pre>
    </blockquote>
    <br>
    One of the goals are to enable hard failure for cases where no OCSP
    response and no CRL could be obtained.<br>
    <br>
    <div class="moz-signature">
      <table border="0" cellpadding="0" cellspacing="0">
        <tbody>
          <tr>
            <td colspan="2">Regards </td>
          </tr>
          <tr>
            <td colspan="2"> </td>
          </tr>
          <tr>
            <td>Signer: </td>
            <td>Eddy Nigg, COO/CTO</td>
          </tr>
          <tr>
            <td> </td>
            <td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
          </tr>
          <tr>
            <td>XMPP: </td>
            <td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
          </tr>
          <tr>
            <td>Blog: </td>
            <td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
          </tr>
          <tr>
            <td>Twitter: </td>
            <td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
          </tr>
          <tr>
            <td colspan="2"> </td>
          </tr>
        </tbody>
      </table>
    </div>
    <br>
  </body>
</html>