Yo, thanks for that idea. We will figure out a way to add something like that in a couple of days. We have an iOS app in TestFlight if you wanna give it a go. https://testflight.apple.com/join/qrGhAVUC
Maybe instead of failing silently, the browser should cease to function at all if it can't reach its OCSP data source for a public CA, and complain loudly - providing we can make revocation lookups cheap and highly available.
It could be available via anycast akin to DNS, or p2p as gojomo suggests. Lots of places use DNS to operate blacklist/RBLs - some with very large datasets which would break the internet if they ever become unavailable.
Yes, if you're so encircled by bad guys that you can't reach any blacklist providers, but have received a gossipy hint (via a leak in the blockade) that there's a new version you don't yet have, blatant alarms should go off.
You're no longer on "the internet", you're on some attacker-chosen & time-lagged subset... and you need to know that before connecting to sensitive sites.
One idea/question, is there a way to add to the feed via an external URL, rather then exclusively within the Chrome plugin?
I would use it even more if I wasn't constrained to chrome.
For example, adding this little snippet as a bookmark would for certain work from Firefox and iOS/Safari, and quite possibly others.
If I could get it molded to work with your service I'd be pretty stoked.