Certificate Revocation List

What Does Certificate Revocation List Mean?

A certificate revocation list (CRL) is a list of subscribers paired with certificate status where each end user’s certificate is listed as valid, revoked or expired. A properly configured list indicates the reason for a revoked certificate along with the dates for which each certificate is valid. CRLs are an important part of public key infrastructure, as they allow a given infrastructure to more accurately enumerate valid and invalid digital certificates.


Techopedia Explains Certificate Revocation List

Within a public key infrastructure, part of the process involved with authentication involves the exchange of digital certificates. Furthermore, end users must also have a means of validating whether another user’s digital certificate is currently authorized. This is where certificate revocation lists come into the picture. An end user’s digital certificate may have been valid at one time, but in some instances, an organization may need to revoke an end user’s digital certificate so that the rest of the organization knows that the revokee is no longer an authorized user.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…