VeriSign’s Description of Certificate Revocation I

• A Certificate Revocation List (CRL) is a list of Digital IDs that have been revoked before their scheduled expiration date.

• There are several reasons why a key might need to be revoked and placed on a CRL.

  • A key might have been compromised.
  • A key might be used professionally by an individual for a company; for example, the official name associated with a key might be "Alice Avery, Vice President, NPAC."
  • If Alice were fired, her company would not want her to be able to sign messages with that key and therefore the company would place the key on the CRL.

Previous slide

Next slide

Back to first slide

View graphic version