Comment by fc417fc802

3 hours ago

> fail-open and you've just created a method for an attacker to bypass certificate revocation entirely

I generally agree about the rest but isn't what you suggest there sufficiently disproportionate to fall well outside the threat model? It buys only a limited window of opportunity in a very specific scenario while painting a neon target on your back. I feel like it's vaguely akin to worrying about a military checkpoint failing open when hit with a 30k lb bomb.