Certificate Revocation List

The CRL is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.

The main limitation of CRL is the fact that updates must be frequently dowloaded to keep the list current. OCSP overcomes this limitation by checking certificate status in real time.

Read more about Certificate Revocation List: - Baltimore Technologies explains the advantages and limitations of CRL. - SearchSecurity.com provides links to more information about digital certificates.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG PKI and Digital Certificates,   Enterprise Identity and Access Management,   User Authentication Services,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Portable security storage device could replace OTP devices A new USB-like device, hardened with security features, could overtake one-time password devices and give end users flash memory to carry around... What is most misunderstood about EV SSL certificates? Are there any calculators to help estimate log generation based on number of devices and best practices? VeriSign addresses MD5 flaw VeriSign is moving completely to the new SHA-1 hash function to avoid a vulnerability affecting SSL certificates. Microsoft and Mozilla also weighed...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Digital Signature Standard  (SearchSecurity.com)