Comment by snowwrestler

4 years ago

This issue is clearly a bug. It is an accidental denial of service attack on the client.

It will get fixed pretty easily: Apple will add some combination of a timeout and a request back-off to their client, to properly handle the situation of a server that is reachable but not sufficiently responsive.

Apple clearly does not mean to make their devices unresponsive if the server is offline, because pointing requests at localhost resolves the issue.

I disagree. It isn't a bug because it was explicitly designed to behave this way.

The solution won't be to fix a defect, but to change the design, which is completely flawed. They should have pushed revocations from the beginning rather than requiring every system on the planet to poll a service. What were they thinking? And that does make one wonder whether there weren't other reasons for this behaviour besides "security".
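The timeout and back-off handling proposed in the first comment, as an added example that is not part of the thread and not Apple's code. It contrasts a server that is reachable but never answers with a loopback port that refuses at once. `RevocationClient`, the status strings, the payload and the 0.2 s timeout are hypothetical, and both endpoints are constructed locally.

```python
import socket
import time

class RevocationClient:
    """Hypothetical status-check client: bounded wait plus exponential back-off."""

    def __init__(self, addr, timeout=0.2, base_backoff=1.0, max_backoff=60.0):
        self.addr, self.timeout = addr, timeout
        self.base_backoff, self.max_backoff = base_backoff, max_backoff
        self.failures = 0
        self.retry_after = 0.0  # monotonic time before which we stay off the network

    def check(self, payload=b"status?"):
        if time.monotonic() < self.retry_after:
            return "skipped-backoff"  # recent failure: answer at once, no request sent
        try:
            with socket.create_connection(self.addr, timeout=self.timeout) as s:
                s.sendall(payload)
                if not s.recv(64):  # the same timeout applies to the read
                    raise ConnectionError("closed without a reply")
        except OSError as exc:  # timeouts and refusals are both OSError subclasses
            self.failures += 1
            delay = min(self.max_backoff, self.base_backoff * 2 ** (self.failures - 1))
            self.retry_after = time.monotonic() + delay
            slow = isinstance(exc, socket.timeout)
            return "unknown-timeout" if slow else "unknown-unreachable"
        self.failures, self.retry_after = 0, 0.0
        return "answered"

def stalled_listener():
    """Constructed test server: the kernel completes the handshake, nothing replies."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv  # never accept()ed, so clients connect and then wait

def closed_port():
    """A loopback port with no listener: connections are refused immediately."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return ("127.0.0.1", port)

def demo():
    srv = stalled_listener()
    slow = RevocationClient(srv.getsockname())
    start = time.monotonic()
    results = [slow.check(), slow.check(), RevocationClient(closed_port()).check()]
    srv.close()
    return results, time.monotonic() - start
```

What the caller does with an "unknown" result (allow, block, or use a cached answer) is a policy decision the example leaves open.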