
Let’s Encrypt will put CRL URLs in certificates before or when removing OCSP URLs, so no CCADB lookup should be required


So my client should download the 100 MB CRL to check? Is that the secure workflow?


The largest Let's Encrypt CRL right now is 254 KB. Most are smaller. We might want to partition into smaller shards again to hit a bit smaller size than that in the future.

Shorter certificate lifetimes will also reduce CRL sizes.

A lot of traffic comes from browsers, or TLS stacks integrated with their host operating system, which we expect will use compressed push-based methods like Mozilla's CRLite to receive more efficient data structures as well.

One thing this announcement does is motivate us to start working on making CRL mechanisms more efficient.


Modern CRLs are partitioned, so this really isn't a problem you will run into.


Does that not recreate the privacy problem then, since the CRL server can see which CRL partition we download and when?

Should we expect CRL stapling?


I think one would expect a partition to cover a lot of certificates for its size (or, in the case of a compromise, all certificates mapped to that partition), so I don't think you end up with nearly so meaningful a problem.


Indeed! I forgot that the BRs mandate the CRLDP extension if the certificate lacks OCSP AIA.

So all (non-short-lived) certificates will continue to have a standard revocation checking mechanism encoded in them.
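The flow this sub-thread describes, as an added example that is not part of the original discussion and not Let's Encrypt code: a constructed in-process CA issues a certificate whose only revocation pointer is a CRL distribution point (no OCSP AIA), publishes a CRL, and a client-side check verifies the CRL's signature and freshness before it reads the revoked serials. The CA, the host names and the shard URL http://crl.example.test/shard-1.crl are assumptions; fetching that URL over HTTP is left out. Go's standard crypto/x509 is used because it exposes CRLDistributionPoints, OCSPServer and CRL creation and parsing directly.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// mint signs tmpl with a fresh P-256 key (self-signed when signer is nil) and returns the parsed cert and key.
func mint(tmpl, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if signer == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// NewCA builds a constructed root; crlSign is set because Go refuses to sign a CRL with an issuer that lacks it.
func NewCA() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	return mint(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA (constructed)"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(48 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}, nil, nil)
}

// IssueLeaf signs a server certificate whose only revocation pointer is crlURL (a hypothetical shard URL).
func IssueLeaf(ca *x509.Certificate, caKey *ecdsa.PrivateKey, dnsName string, serial int64, crlURL string) (*x509.Certificate, error) {
	leaf, _, err := mint(&x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: dnsName}, DNSNames: []string{dnsName},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), KeyUsage: x509.KeyUsageDigitalSignature,
		CRLDistributionPoints: []string{crlURL}, // OCSPServer is deliberately left empty: no OCSP AIA
	}, ca, caKey)
	return leaf, err
}

// PublishCRL signs the revoked serials into a DER CRL valid for 24 hours; number is the CRL number extension.
func PublishCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, number int64, revoked ...*big.Int) ([]byte, error) {
	entries := make([]x509.RevocationListEntry, len(revoked))
	for i, s := range revoked {
		entries[i] = x509.RevocationListEntry{SerialNumber: s, RevocationTime: time.Now()}
	}
	return x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		RevokedCertificateEntries: entries,
		Number:                    big.NewInt(number),
		ThisUpdate:                time.Now(),
		NextUpdate:                time.Now().Add(24 * time.Hour),
	}, ca, caKey)
}

// RevocationStatus is the client side: the CRL fetched from the leaf's CRLDP must verify
// under the issuer and still be fresh before its contents decide "good" or "revoked".
func RevocationStatus(leaf, issuer *x509.Certificate, crlDER []byte, now time.Time) (string, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return "", err
	}
	if err := crl.CheckSignatureFrom(issuer); err != nil {
		return "", err
	}
	if now.After(crl.NextUpdate) { // a stale CRL says nothing about revocations since its nextUpdate
		return "", fmt.Errorf("CRL is stale: nextUpdate %s has passed", crl.NextUpdate.UTC().Format(time.RFC3339))
	}
	for _, e := range crl.RevokedCertificateEntries {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return "revoked", nil
		}
	}
	return "good", nil
}

func main() {
	ca, caKey, err := NewCA()
	if err != nil {
		panic(err)
	}
	leaf, err := IssueLeaf(ca, caKey, "www.example.test", 1002, "http://crl.example.test/shard-1.crl")
	if err != nil {
		panic(err)
	}
	crlDER, err := PublishCRL(ca, caKey, 1, leaf.SerialNumber)
	if err != nil {
		panic(err)
	}
	fmt.Println(RevocationStatus(leaf, ca, crlDER, time.Now()))
}
```

The two checks ahead of the serial comparison are the ones that matter in practice: a CRL whose signature does not verify under the issuer, or whose nextUpdate has passed, is not evidence of anything, so the function returns an error rather than "good". With a sharded CA the client-side logic is unchanged; only the URL in each certificate's CRLDP differs, and the client downloads that shard rather than the whole list.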



