

Heartbleed Bug Sends Bandwidth Costs Skyrocketing - doctorshady
http://www.wired.com/2014/04/cost-of-heartbleed/

======
mrsaint
This could have been avoided had more web servers properly implemented OCSP
stabling
([http://tools.ietf.org/html/rfc4366#section-3.6](http://tools.ietf.org/html/rfc4366#section-3.6)).
That way it would have been the hoster of the website rather than the issuing
CA bearing the resource cost in providing the revocation status of the cert.

------
tedchs
Just to be clear, the article discusses bandwidth load for CAs, not for
individual web sites. Serving CRLs is part of what we pay CAs to do, I don't
see why the article implies we should take pity on them.

------
spb
Sounds like it's time to plug CRLs into BitTorrent distribution.

Also, isn't CloudFront supposed to be way, _way_ cheaper than $10/Mbps?

