Basic HTML version of Foils prepared April 7 1998

Foil 50 VeriSign's Description of Certificate Revocation I

From Basic Principles of Java and Internet Security CPS616 Web Technologies -- Spring 98. by Geoffrey C. Fox
A Certificate Revocation List (CRL) is a list of Digital IDs that have been revoked before their scheduled expiration date.
There are several reasons why a key might need to be revoked and placed on a CRL.
  • A key might have been compromised.
  • A key might be used professionally by an individual for a company; for example, the official name associated with a key might be "Alice Avery, Vice President, NPAC."
  • If Alice were fired, her company would not want her to be able to sign messages with that key and therefore the company would place the key on the CRL.

© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Sun Nov 29 1998