Guide to OCSP Stapling - Thawte.
Revocation doesn’t work - from March 2011.
No, don’t enable revocation checking - from April 2014
Public Key Pinning Extension for HTTP - this is known as HPKP. Chrome does this and pre-loaded pins.
How Log Proofs Work - Merkle hash trees and proving entries are in logs.
Books I want to get
Bulletproof SSL and TLS by Ivan Ristic. For some reason this is super-expensive from Amazon, cheaper to get it direct from Feisty Duck.
SSL and TLS: Designing and Building Secure Systems by Eric Rescorla. Old but still good.
Implementing SSL / TLS Using Cryptography and PKI by Joshau Davies.
Network Security with OpenSSL by John Viega.
Secure Programming Cookbook for C and C++ by John Viega.
Cryptography Engineering: Design Principles and Practical Applications by Niels Furguson, Bruce Schneier, Tadayoshi Kohno.
Introduction to Modern Cryptography, Second Edition by Jonathan Katz, Yehuda Lindell.