Hacker News
Everything You Never Wanted to Know about PKI but Were Forced to Find Out [pdf] (auckland.ac.nz)
27 points by doodlesdev on May 30, 2023 | 3 comments



Seems to be from the early 2000s, although not dated. Can anyone with knowledge on PKI shine light on if it's still relevant? Has much changed in the last 20 years?


It looks to be very relevant. CRLs are more frequently checked now due to bandwidth and compute becoming much cheaper. OCSP is a common solution for larger CAs. Cross-signing is becoming more common, and it still is a mess with clients validating it in different ways. Let's Encrypt used cross-signing when they rolled over to their own ISRG X1 root. There's a CA/Browser Forum group which defines rules and standards for browsers to trust public CAs and all major browsers use them to determine which roots to trust. Certificate Transparency logs are also a new development which is like a blockchain of issued certificates. CA/B Forum requires CT to be implemented by all publicly trusted CAs.


Creation date of PDF is 11/21/2002, 9:08:38 PM



