Comment Re:The CA should not revoke the certificates, (Score 3, Interesting) 151
OK, then they should invalidate ALL certificates, test customers for the patch, give patched customers new certs, and refuse to give new certs to unpatched customers. It's their business to maintain a 'web of trust'.