CRL distribution at web scale is now possible thanks to work by John Schanck at Mozilla https://hacks.mozilla.org/2025/08/crlite-fast-private-and-co...
But CRL sizes are also partly controlled by expiry time, shorter lifetimes produce smaller CRLs.
But CRL sizes are also partly controlled by expiry time, shorter lifetimes produce smaller CRLs.
Now they are doing next plausible solution. Seems like 47 days is something they found out by let’s encrypt experience estimating load by current renewals but that last part I am just imagining.