cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
Highlighted

Godaddy Certificate Revocation List

Can anyone provide a technical reason as to why crl.godaddy.com uses port 80 and not 443 (secure connection)

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Resolver III
Solution

Re: Godaddy Certificate Revocation List

Certificate Revocation Lists (CRLs) are already secured - digitally signed - so it doesn't matter how you distribute them. What you need is to allow as easy and as wide as possible distribution of CRLs to anyone who needs them. It's similar to certificates, which you send to whoever asks for them.

 

As such, using port 443 doesn't provide any business value but adds an additional layer of complexity that could complicate access to CRLs. ... and dependency on certificates that CRLs revoke 🙂

 

That would be my justification but it's possible GoDaddy has its own reasons as well.

 

Dan

 

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post

1 REPLY 1
Highlighted
Resolver III
Solution

Re: Godaddy Certificate Revocation List

Certificate Revocation Lists (CRLs) are already secured - digitally signed - so it doesn't matter how you distribute them. What you need is to allow as easy and as wide as possible distribution of CRLs to anyone who needs them. It's similar to certificates, which you send to whoever asks for them.

 

As such, using port 443 doesn't provide any business value but adds an additional layer of complexity that could complicate access to CRLs. ... and dependency on certificates that CRLs revoke 🙂

 

That would be my justification but it's possible GoDaddy has its own reasons as well.

 

Dan

 

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post