

Certificate Revocation Lists (CRL)


Essentially, a Certificate Revocation List (CRL) is a master reference list of all credentials that have been issued, with information about which ones are currently canceled (or revoked). This master list must be published frequently (daily, weekly) by a Certificate Authority along with proof of authenticity (seal, digital signature, etc.), and a copy must be given to every relying party.

List-based validation can be performed extremely quickly by a relying party without needing to talk to a separate authority with every transaction (offline validation). Unfortunately, these master lists can become extremely large and unwieldy for many applications, and it is frequently not practical to transfer a new list to every potential relying party every day.
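The offline check described above, sketched with Go's standard library as an added example (not code from the original page). In the X.509 CRL format used here, the signed list carries the serial numbers of revoked certificates; the names `issue` and `checkOffline`, the "Example CA" and the serial numbers are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue plays the CA with a throwaway key (constructed sample data) and signs a CRL.
func issue(next time.Time, revoked ...int64) (*x509.Certificate, []byte) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"}, IsCA: true,
		NotBefore: time.Now(), NotAfter: next, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	ca, _ := x509.ParseCertificate(der)
	l := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: next}
	for _, s := range revoked {
		l.RevokedCertificates = append(l.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: big.NewInt(s), RevocationTime: l.ThisUpdate})
	}
	crl, err := x509.CreateRevocationList(rand.Reader, l, ca, key)
	if err != nil {
		panic(err)
	}
	return ca, crl
}

// checkOffline is the relying party: it needs only its cached CRL and the CA
// certificate it trusts, and fails closed on a forged or out-of-date list.
func checkOffline(crlDER []byte, ca *x509.Certificate, serial int64, now time.Time) (revoked bool, err error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil || crl.CheckSignatureFrom(ca) != nil {
		return false, fmt.Errorf("CRL rejected: unparsable or not signed by the trusted CA")
	}
	if now.After(crl.NextUpdate) {
		return false, fmt.Errorf("cached CRL expired at %s", crl.NextUpdate)
	}
	for _, rc := range crl.RevokedCertificates {
		revoked = revoked || rc.SerialNumber.Cmp(big.NewInt(serial)) == 0
	}
	return revoked, nil
}

func main() {
	ca, crl := issue(time.Now().Add(24*time.Hour), 1002, 1007)
	fmt.Println(checkOffline(crl, ca, 1002, time.Now()))
}
```

The lookup is a linear scan, so its cost grows with the size of the list every relying party has to hold.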

Advantages/Disadvantages

Advantages:

  • Easy to manage for small numbers
  • Works with all issued certificates
  • Industry standard

Disadvantages:

  • Huge bandwidth all the way to the clients
  • Does not scale past 10,000 users for a large number of clients

Suitable Applications

Use of CRLs is an ideal solution for deployment with a small user base, such as a company with several thousand employees who use ID cards to access a building or smart cards to log on to their computers.