Certificate Revocation List

The CRL is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.

The main limitation of CRL is the fact that updates must be frequently dowloaded to keep the list current. OCSP overcomes this limitation by checking certificate status in real time.

Learn more about PKI and Digital Certificates

	Identity and Access Management Services, Systems and Technologies: This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.
Can any firm or organization get a digital signature certificate?: Can any firm or organization obtain a digital signature? How is a digital signature obtained?
Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures: In an excerpt from Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures, authors Peter Thermos and Ari Takanen discuss the strengths and weaknesses of SRTP.
Secure user authentication: Regulations, implementation and methods: Learn about the FFIEC's mandate, how to choose the right authentication option for diverse user communities and how to implement an authentication strategy.
XML Security Learning Guide: Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and ...
Spy vs. Spy: Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.
Best practices in Internet security: The Access Certificates for Electronic Services Program: The Access Certificates for Electronic Services Program (ACES) brings multiple PKI service providers together into an interoperable public key infrastructure (PKI) for use by government entitites and ...

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - Baltimore Technologies explains the advantages and limitations of CRL.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT How to encrypt passwords using network security certificates Learn the most secure way to transfer passwords to applications using network security, identity management, and application security certificates. Best Authentication Products Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart... DoD urges less network anonymity, more PKI use At Black Hat USA 2009, DoD CISO Robert Lentz says more technology is needed to protect both private and government networks from cybercriminals.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Digital Signature Standard  (SearchSecurity.com)