Definition[edit | edit source]

A Certificate Revocation List (CRL) is

Overview[edit | edit source]

The list is usually signed by the same entity that issued the certificates. Certificates may be revoked, for example, if the owner’s private key has been lost; the owner leaves the company or agency; or the owner’s name changes. CRLs also document the historical revocation status of certificates. That is, a dated signature may be presumed to be valid if the signature date was within the validity period of the certificate, and the current CRL of the issuing CA at that date did not show the certificate to be revoked.

References[edit | edit source]

See also[edit | edit source]

Community content is available under CC-BY-SA unless otherwise noted.