This is kind what browser do anyway (IE, Firefox, Chrome tested), what
AppleTLS does, what GnuTLS does and what OpenSSL does. Actually, most
browsers will also be OK with the CRL/OCSP provider being offline.
WinTLS will still fail in that case.
Should revocation information be available in the trust chain (CRL or
OCSP) the certificate still will be checked!
"Real" CAs, aka. those provided by the OS or system CA bundle, usually
provide revocation information and are thus still checked.
It should be mostly (only?) custom (organization) CAs that lack
revocation information, but those users might want to use aria2 in their
intranets and VPNs anyway ;)
See #217
Nils Maier