I'm just looking at the McAfee Default policy for the MOVE AV [Multi-Platform] Client 3.6.1, General Category, on the Scan Items tab. If you scroll down to the Publisher Exclusions section, and select Click to view advanced options you can see settings relating to certificate revocation and certificate validity.
I'm curious why the default setting would be to never check for revocations, and to set certificate to be valid forever. Is there a reason why we would want to keep this setting the way it is? Appreciate your thoughts.