6 Message SecurityProtocols ToC Previous Next

6.2 Certificates ToC Previous Next

6.2.5 Certificate Revocation List (CRL) ToC Previous Next

A Certificate Revocation List (CRL) is a ByteString containing the DER encoded form (see X690) of an X.509 v3 CRL. The CRL is issued by certifying authority and contains the serial numbers of the Certificates issued by that authority which are no longer valid. All CRLs shall have the extension defined in Table 43. The extension is defined completely in RFC 5280.

Table 46 – Certificate Revocation List Extensions

Extension Description
   authorityKeyIdentifier Provides more information about the key used to sign the CRL.

Previous Next