From:
Microsoft outlines Explorer 7 security changes
http://www.infoworld.com/article/05/10/27/HNie7changes_2.html
Other changes include the inclusion of AES security in Windows Vista and
certificate revocation checking being enabled by default in Vista,
Lawrence said.
FYI, certificate revocation checking will fail your CCAA if you don't
allow access to your CRL that your CAS is on.