PKI is weak. One reason is that revocation methods all have failure modes. Direct revocation, Cert Revocation Lists, OCSP (online certificate status protocol predominant on iOS), and now Short Lived Cert's and Certificate Transparency, this presentation will spell out how revocation works, what protocols handle this, and how you can use revocation techniques to improve your security or conduct pen testing. Attendees will walk away with a greater understanding of PKI’s weaknesses, and actionable techniques to wield PKI with greater force and effect. Useful for the general public interested in PKI, and also pen testers and auditors.