CRLSign is defined in RFC 5280
as a Key Usage bit
that is asserted when the Certificate Subject Public Key
is used for verifying signatures
on Certificate Revocation List
lists (e.g., CRLs
, delta CRLs, or ARLs).
There might be more information for this subject on one of the following: