Certificate Revocation List
Writen by Sergio Lietti
A Certificate Revocation List (CRL) is a list of all the revoked certificates issued by a Certification Authority.CRLs are the only method of canceling a certificate before its expiration date.For a CRL to be effective it must be downloaded and installed in all systems and applications accepting ANSP Grid certificates.
Valid certificates will be revoked by the ANSP Grid CA when
- The subject of the certificate has ceased their relationship with their institution;
- The subject no longer wants their certificate;
- The private key has been lost or compromised;
- The information in the certificate is wrong or inaccurate;
- The subject has failed to comply with ANSP Grid CA policy; or
- The system or service to which the certificate was issued has been retired.
Relying parties (persons and organizations using the ANSP Grid CA for authentication purposes) should download the CRL at least once a day and implement its restrictions while validating certificates. This is the only way to ensure that a revoked certificate is actually refused everywhere. The latest version of the ANSP Grid CA CRL can be found below.
Use the DER Format link to import the current Certificate Revocation List (CRL) into your browser or download and save any of the formats as a file.