Certificate Revocation List (CRL)

What Does Certificate Revocation List (CRL) Mean?

A certificate revocation list (CRL) is a list of subscribers paired with certificate status where each end user’s certificate is listed as valid, revoked or expired. A properly configured list indicates the reason for a revoked certificate along with the dates for which each certificate is valid. CRLs are an important part of public key infrastructure, as they allow a given infrastructure to more accurately enumerate valid and invalid digital certificates.

Techopedia Explains Certificate Revocation List (CRL)

Within a public key infrastructure, part of the process involved with authentication involves the exchange of digital certificates. Furthermore, end users must also have a means of validating whether another user’s digital certificate is currently authorized. This is where certificate revocation lists come into the picture. An end user’s digital certificate may have been valid at one time, but in some instances, an organization may need to revoke an end user’s digital certificate so that the rest of the organization knows that the revokee is no longer an authorized user.