Certificate Revocation List


Also found in: Acronyms, Wikipedia.

Certificate Revocation List

A list maintained by or on behalf of an Issuing Authority of the certificates which it has issued, which and have been revoked before their natural expiry time.
Mentioned in ?
References in periodicals archive ?
Security certificate revocation list distribution for VANET.
Voltage IBE is a public key cryptography system that uses common identities (such as an email address or screen name) as public keys, eliminating the need for certificates, Certificate Revocation Lists (CRL) and other costly infrastructure.
The certification process (certificate signing requests [CSRs] and certificate loading), the certificate revocation process (certificate revocation lists [CRLs] and online certificate status protocol [OCSP]), and certificate validation (issuing CA certificate(s), certificate chains, cross certification) all need to be appropriately included in the security services being defined.
Other enhancements include external PKI support and automatic retrieval of certificate revocation lists from certificate authorities.
While this kind of error may be rare, its impact could have been mitigated if certificate revocation lists (CRLs) were automatically checked.
These standards include a profile of the X.509 version 3 certificates and version 2 certificate revocation lists (CRLs), protocols for issuing and revoking certificates, online certificate status mechanisms, protocols for retrieving certificates and CRLs from LDAP, FTP, and HTTP servers, and guidance for authors of certificate policies.
It will be a clearinghouse for checking the validity of digital certificates across organizational boundaries The service will enable certificate issuers to distribute their certificate revocation lists in a timely, secure manner and to make them easily available, to applications and to people around the world with whom they wish to conduct business.
CERTivity 1.2 features viewing Certificate Singing Request (CSR) files and Certificate Revocation Lists (CRL) from local files or from remote locations using various protocols like HTTP, HTTPS, FTP and even LDAP, new signature algorithms for Key Pair/CSR generation and for CSR signing, new Key Algorithms for Secret Key generation, support for file type inspection, more Fingerprints available in the Certificates Details sections, an improved certificates management in certificate chains, trust path validation and management via new options in the Options panel.
A close examination of the first and second-generation architectures reveals that enterprise applications must inevitably be coupled with the security infrastructure; they can either be tightly coupled using API integration or closely coupled by means of standards such as X.509 certificates and certificate revocation lists. The problem with coupling applications with the security infrastructure is that it prevents smooth migration from one security infrastructure to another.

Full browser ?