Although in the past Let’s Encrypt have indicated they have no plans, due to high cost and low pay-off, to implement CRL for leaf certificates, I wonder if the introduction of CRLite does anything to rock the boat?
Some interesting blog posts about it that are worth reading:
I think the tl;dr; is that it regularly processes CRLs of all trusted CAs into an extremely efficient data structure which gets sent to browsers, and then the browsers can query it offline. Solves the latency, reliability and privacy problems with CRLs and OCSP. Currently implemented in Firefox Nightly.
It seems like it could provide an answer to the revocation checking problem, but perhaps not so much if the largest CA isn’t participating.