← Cybersecurity Alphabet Soup

CRL

Certificate Revocation List

cryptomedium

A CRL is a signed list, published by a certificate authority, of certificates that were cancelled before their expiration date, for example because a private key was stolen. Clients download the list to check whether a certificate they are about to trust has been revoked. CRLs can grow large and stale, which is why OCSP and newer push-based mechanisms were developed.

Sources

More in crypto