John wants to check the validity of a digital certificate. Which of the following should he use?
  1. Trust model
  2. Certificate policy
  3. Key escrow
  4. Certificate revocation list
Explanation
Answer: D - Certificate revocation list (CRL) provides a detailed list of all the certificates that are no longer valid for a CA.

Key Takeaway: Certificate Revocation List provides a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue and the entities that issued them are also included. Additionally, each list contains a proposed date for the next release. When a potential user attempts to access a server, the server allows or denies access based on the CRL entry for that particular user. One limitation associated with a CRL is the fact that updates must be frequently downloaded to keep the list current.
Was this helpful? Upvote!
Login to contribute your own answer or details

Top questions

Related questions

Most popular on PracticeQuiz