As ALWAYS...your videos help me BIGTIME! Whenever I am in need of a CLEAR explanation on a technology that some other 'Off the Charts GEEK in the Weeds' tries to teach, I check and see if Sunny has a class to clear it up for me! Thanks Again Man!!

Just want to say, i used some of your videos to pass my network plus and currently doing th same with security plus. I always find your explanations easier to understand than most other instructors. Thank you!

I could not understand about CRL/OCSP/OSCP Stapling, but now I finally did. Thank you! You have been a great help!

I knew I could count on you to explain this concept clearly and concisely. I get it now! Thank you Sunny!

This is by far the best explanation ever! Thank you so much!!

Step 4, that all this happens "during the SSL/TLS handshake" was the puzzle piece I was missing. Thank you. And the music at end made me laugh. :)

The best content on this topic is your channel !!

Simple and clear, that's all I need. Thank you Sunny!

Truly awesome. Helps a lot because of your visualizations in addition to your explanation.

As always your videos are clear and provide accurate information. Thank you, Sunny.

Simple and easy language/demo used in video. All thanks to you.

Awesome! This is the exact info I was looking for to troubleshoot an issue related to OSCP. Sunny! you very well explained CRL, OSCP, and OSCP-Stapling operations in a quick video. Thank you very much!

Thanks a lot Sunny! this is very clear and useful.

Thank you for your clear explanations for our understanding.

crazy how complicated other people make this when you just explained it in 6 mins.

Hi Sunny, great video once again! I think one thing I'd add for future viewers is that another thing browsers like Firefox and Chrome do are just push a software update if a certificate must be revoked as soon as possible

It's very nice explanation. Thanks Sunny

Excellent videos, very concise and easy to understand. Thank you

Thank you so much this was very clear and helpful.

Clear explanation, thanks man!

As usual soooooooo amazing!!!!!!!!!!!!!!!!!!!!!

Greatly done Sunny...!!! 🥇🎖🏅

Great Videos. Very crisp explanation.

Great explanation!

thank you, thats a very clear explanation.

you are really good at explaining things. Thank you very much

thanks this is much clean then reading the text explaination

Very helpful information - keep up the good videos and the good work

Very useful information, thank you so much.

Well done, thank you!

You're Gifted By God.

Bravo!! ❤❤

Great video. Thanks for the explanation.

very good teacher.Thanks

Great explanation

great work. Thank you

Nicely Explained.... thank you sir

You are awesome 🙏

Beautiful 👌

great video, would be great if you could update this and make a video about certificate transparency (CT Logs)! :)

great explanation, thanks

All clear, thanks Mr. Subscribing now.

thanks very much

Thank you sir

well what if a domain spoofer simply forges a certificate?

So if an organization has issued certificates in thousands , and device1 comes with request , does webserver has stapled request for all thousand devices at that time , if its cached only on calls ? so when a signed response is received all it needs to do is verify certificate validity end date etc, no need to go to check revoked status as its trusted with cryptography i.e the signed response . is this right

Hi Sunny, if the client from a ABC company domain accessing a website, how can it check the website certificates status from the ABC domains CA CRL list,,, does that mean that ABC domain CA will have constant updates, if so how,,,

Thanks for your video, "OCSP stapling" is quite smart solution, but for how long does web server cache OCSP Response from CA? And for how long does the client (browser) consider that the response is still valid (I mean as for standards)? I think this is the point of "lag" between revocation and outdated signed OCSP Response from web server. So it is important to note.

Does it mean OCSP URLs no need to be added to firewall between client and server?

Thank you verymuch

Sunny, one more question: Which book(s) would you recommend for a deep dive in this topic? (I mean cryptography not just revocation.)

Hi Sunny, will you talk about SCVP in the future videos?

hi sunny...can you explain how policy maping works in CA and sub-CA in another video?

When certificates are stolen from CA, why those certificates need to be revoked. I mean we are already certificates, but harm stolen certificates will make.

Yea but browser and other clients no longer check the crl or ocsp servers so revocation is useless .

Great explanation but I still have no idea what you are talking about.

Lopez Barbara Young Jessica White David

Very Good Explanation