nYou
can’t revoke a CRL
nOnce
you commit to a CRL, it’s a valid state for the entirety of its validity period
nWhat
happens if you have to update the CRL while the CRL you just issued is still
valid?
nYou
can update it, but clients aren’t required to fetch it since the one they have
is still valid!
nBottom
line: yikes!
nWe
need something else