Revocation lists can be distributed.
Yes, but they still originate somewhere, and if that source goes offline, you're still at risk of accepting stolen credentials.
Yes, but they still originate somewhere, and if that source goes offline, you're still at risk of accepting stolen credentials.