
How we identified SSL certificates affected by Let's Encrypt mass-revocation - Mojah
https://ohdear.app/blog/how-we-identified-clients-with-ssl-certificates-affected-by-lets-encrypt-mass-revocation
======
mytailorisrich
IMO, this highlights a missing API in the ACME protocol.

It would be good to have the client provide an URL endpoint as part of their
account's details so that it can be automatically notified through a set of
defined messages when e.g. one of its certificates is revoked by the server.

At the moment the protocol only supports revocation requests issued from the
client, if I'm not mistaken.

