Digital Certificates Question:
Download Questions PDF

What are Certificate Revocation Lists(CRLs)?

Answer:

A certificate revocation list (CRL) is a list of certificates that have been revoked before their scheduled expiration date. There are several reasons why a certificate might need to be revoked and placed on a CRL. For instance, the key specified in the certificate might have been compromised, or, the user specified in the certificate may no longer have authority to use the key. For example, suppose the user name associated with a key is "Alice Avery, Vice President, Argo Corp." If Alice were fired, her company would not want her to be able to sign messages with that key, and therefore, the company would place the certificate on a CRL.

When verifying a signature, one can check the relevant CRL to make sure the signer's certificate has not been revoked. Whether it is worth the time to perform this check depends on the importance of the signed document.

Download Digital Certificates Interview Questions And Answers PDF

Previous QuestionNext Question
Suppose Pipe A can fill in 20 minutes and Pipe B in 30 mins and Pipe C can empty the same in 40 mins. If all of them work together, find the time
taken to fill the tank?
What if a Certifying Authoritys Key is Lost or Compromised?