Certificate Revocation List (CRL)

Certificate Revocation List (CRL) is one of two common methods when using a public key infrastructurefor maintaining access to servers in a network.

Certificate Revocation List (CRL) is one of two common methods when using a public key infrastructure for maintaining access to servers in a network. The other, newer method, which has superseded CRL in some cases, is Online Certificate Status Protocol (OCSP).

The CRL is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.

The main limitation of CRL is the fact that updates must be frequently downloaded to keep the list current. OCSP overcomes this limitation by checking certificate status in real time.

This was first published in June 2007

Continue Reading About Certificate Revocation List (CRL)

Glossary

'Certificate Revocation List (CRL)' is part of the:

View All Definitions

Dig deeper on Web Authentication and Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close