Certificate Revocation List

The CRL is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user.

The main limitation of CRL is the fact that updates must be frequently dowloaded to keep the list current. OCSP overcomes this limitation by checking certificate status in real time.

Read more about Certificate Revocation List: - Baltimore Technologies explains the advantages and limitations of CRL. - SearchSecurity.com provides links to more information about digital certificates.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT What is the best way to administer exams to students via computer? Security pro Mike Rothman discuses the risks associated with implementing computer examinations and offers tips on the best ways to securely offer... Should computer exams be transmitted as PDF files or Word files? Mike Rothman discusses the difference between PDF and Word files and which file type would be more securely transmitted during computerized... Should PKI systems be used for laptop encryption? In this expert reponse, Joel Dubin discusses the pros and cons of using PKI systems for laptop encryption.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Digital Signature Standard  (SearchSecurity.com)