
If someone stole your certs you are basically screwed until they expire. Currently most browsers don't check if certs are revoked.


This is a good point that seems to keep being ignored: do revocations even matter? Are browser makers planning on changing their defaults with regard to revocations? Is somebody planning a widespread consumer education campaign regarding revocation? If not, this whole issue seems like a bunch of noise that doesn't have much real impact.


For example, at Mozilla there are discussions about it; I suspect it's happening for other browsers too:

https://lists.mozilla.org/listinfo/dev-security-policy


Any links to specific threads? I don't find anything when searching that list for "revocation" or "revoke", though there seem to be lots of threads about CAs in general, so maybe there's relevant discussion in some of those.


https://groups.google.com/forum/#!searchin/mozilla.dev.secur... for example (3 years old).

The right keyword to search for is OCSP, because CRLs are completely impractical in the browser.

But then we have the issue that OCSP is a pretty retarded protocol. OCSP stapling helps with some issues, but there is still the issue that it doesn't really check if a certificate is valid, but whether a certificate bearing the given serial number is valid. Which didn't help AT ALL when, using MD5 collisions, people managed to create multiple certificates under the same serial number.
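To make the point in the comment above concrete: an OCSP request identifies a certificate by a CertID structure (RFC 6960, section 4.1.1) that contains only a hash of the issuer's name, a hash of the issuer's public key and the serial number. The certificate itself, its subject and its own fingerprint never enter the request, so two certificates issued under the same issuer and serial are indistinguishable to the responder. The following is an added, stand-alone example (not code from anyone in this thread): a minimal DER encoder for CertID applied to constructed, hypothetical certificate records (the issuer "CN=Example CA", the placeholder key bytes and the serial number 4097 are made up for the demonstration).

```python
"""Minimal encoder for the OCSP CertID structure (RFC 6960, section 4.1.1).

Used here to show why an OCSP responder cannot tell apart two certificates
that share an issuer and a serial number: the request never carries the
certificate itself, only issuerNameHash, issuerKeyHash and serialNumber.
"""

import hashlib

# OID 1.3.14.3.2.26 (SHA-1), pre-encoded; the hash most OCSP clients use for CertID.
SHA1_OID_DER = bytes.fromhex("06052b0e03021a")


def der_length(n: int) -> bytes:
    """DER length encoding: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag: int, content: bytes) -> bytes:
    """Tag-length-value wrapper for a single DER element."""
    return bytes([tag]) + der_length(len(content)) + content


def der_integer(value: int) -> bytes:
    """DER INTEGER for a non-negative value: minimal big-endian encoding with
    a leading 0x00 whenever the top bit of the first byte would be set."""
    if value < 0:
        raise ValueError("certificate serial numbers are non-negative")
    body = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return der_tlv(0x02, body)


def cert_id(issuer_name_der: bytes, issuer_public_key: bytes, serial: int) -> bytes:
    """CertID ::= SEQUENCE { hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber }.

    issuer_name_der:   DER of the issuer Name as it appears in the checked certificate.
    issuer_public_key: the issuer's subjectPublicKey BIT STRING contents (tag, length
                       and unused-bits byte already stripped), per RFC 6960.
    Note what is absent: nothing about the end-entity certificate except its serial.
    """
    alg_id = der_tlv(0x30, SHA1_OID_DER + b"\x05\x00")  # AlgorithmIdentifier, NULL params
    name_hash = der_tlv(0x04, hashlib.sha1(issuer_name_der).digest())
    key_hash = der_tlv(0x04, hashlib.sha1(issuer_public_key).digest())
    return der_tlv(0x30, alg_id + name_hash + key_hash + der_integer(serial))


def cert_fingerprint(cert: dict) -> str:
    """A content-based identity (SHA-256 over the constructed certificate body).
    This is what OCSP does *not* use; shown only for contrast with cert_id()."""
    body = (cert["issuer_name_der"] + cert["issuer_key"]
            + der_integer(cert["serial"]) + cert["subject"].encode())
    return hashlib.sha256(body).hexdigest()


def same_ocsp_identity(cert_a: dict, cert_b: dict) -> bool:
    """True when an OCSP responder would receive the identical CertID for both."""
    id_a = cert_id(cert_a["issuer_name_der"], cert_a["issuer_key"], cert_a["serial"])
    id_b = cert_id(cert_b["issuer_name_der"], cert_b["issuer_key"], cert_b["serial"])
    return id_a == id_b


# --- Constructed sample data (hypothetical, not real certificates or keys) ---
# Name ::= SEQUENCE OF RelativeDistinguishedName; one RDN holding CN=Example CA.
ISSUER_NAME_DER = der_tlv(0x30, der_tlv(0x31, der_tlv(
    0x30, bytes.fromhex("0603550403") + der_tlv(0x0C, b"Example CA"))))
ISSUER_KEY = b"placeholder-issuer-public-key-bytes"  # stands in for a real SPKI key

CERT_LEGIT = {"subject": "www.example.com", "serial": 4097,
              "issuer_name_der": ISSUER_NAME_DER, "issuer_key": ISSUER_KEY}
# A second certificate under the same issuer and serial, as the comment describes
# happening after the MD5-collision incident; subject deliberately differs.
CERT_TWIN = {"subject": "login.example.com", "serial": 4097,
             "issuer_name_der": ISSUER_NAME_DER, "issuer_key": ISSUER_KEY}
# A certificate with a different serial, for comparison.
CERT_OTHER = {"subject": "mail.example.com", "serial": 4098,
              "issuer_name_der": ISSUER_NAME_DER, "issuer_key": ISSUER_KEY}

if __name__ == "__main__":
    print("CertID(legit) == CertID(twin):", same_ocsp_identity(CERT_LEGIT, CERT_TWIN))
    print("CertID(legit) == CertID(other):", same_ocsp_identity(CERT_LEGIT, CERT_OTHER))
    print("fingerprints differ:", cert_fingerprint(CERT_LEGIT) != cert_fingerprint(CERT_TWIN))
```

Running it shows the two distinct certificates producing a byte-identical CertID, while their content fingerprints differ. The defensive consequence is the one the comment draws: revoking a serial via OCSP revokes every certificate that carries it, and a responder answering "good" for a serial says nothing about which certificate with that serial the client is actually looking at.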



