Maintaining an off-site backup copy of a system is almost always a good idea. The scope of the backup could be just critical user data that simply must not be lost, or the entire root file system, for those times you lost at commmand line russian roulette. About a year ago, I started doing full system backups using a program named BorgBackup (short: Borg), a process which was much simpler than I had anticipated.

I recently did a bit of reading on how certificate revocation works in practice. Although I had some idea of what a CRL (Certificate Revocation List) was, I did not know by what mechanism a client would check a servers certificate against such a list. Hence, here’s is a writeup of my findings. This post assumes the reader has some knowledge of how digital certificates work and what they are used for, as well as what a CA (Certificate Authority) is.