I have multiple concerns about the current proposal.
The current specification states the use of GZIP for compression for the whole bitstring. This algorithm compresses bitstring into a series of Huffman-compressed blocks. I agree this is a reasonable choice from the size-efficiency point of view.
However, I think the current discussion lacks some implementation considerations. This includes where the entire list is kept and how the verifier efficiently accesses a revocation bit. Will the verifier need to retrieve the whole status list? I understand we are discussing this in a technology-neutral manner as far as possible. Still, we need to consider implementation details if we start discussing how to treat bits and compression.
There are two points of view I want to share here.
The expected transaction model does not match blockchain-like storage
This scheme (compressing the entire bitstring) is unsuitable if the maintainer wants to record the status list data onto a blockchain-like ledger. We can't know how frequently the maintainer will update the list. In a worst-case scenario, the maintainer must continuously replace the entire status list on the storage. This is acceptable for a typical file system since replacement of the file contents is almost zero cost. But for a blockchain-like ledger, the cost will be hard to ignore.
From this point of view, I think how the data model looks and how the bits are stored need to be discussed separately.
The memory and storage requirements
It looks like there is an assumption of the model using the list to fetch the entire list, verify, uncompress, and find a bit. From a client who wants a single bit, this is not acceptable if the size of the status list is considerably large. Some numbers are mentioned in the current specification, but are these assumptions safe? Do we need to have another specification support a large number of certificates? For example, with GZIP, the decoder needs to keep the Huffman tree in the block header in memory. Suppose the memory footprint for a verifier runtime on an IoT device needs to be very low. In that case, the verifier code needs to scan the bitstring while decompressing the sequence of blocks one by one, not just decompress and read a bit. Depending on the environment, this can be a real headache.
While the use of bitstring is attractive from a privacy point of view, we need to find a better way to serialize and compress the data.