Certificate Revocation


Certificate Revocation is a Revocation model that describes ability to revoke Certificates

A Certificate Authority can revoke any certificate it has issued. A certificate needs to be revoked if one or more of the following situations occur:

Whenever a certificate is revoked, the Certificate Authority updates the status of the certificate in its internal database. This way, the server keeps track of all revoked certificates in its internal database and it makes the revoked list of certificates public (by publishing it to a central repository) to notify other users that the certificates in the list are no longer valid. Typically, the Certificate Authority will a method to allow possible users of the Certificate to know the status of the Certificate through one or more of the following methods:

Certificate Revocation is broken [1]#

More and more sites are obtaining certificates, vitally important documents that we need to deploy HTTPS, but we have no way of protecting ourselves when things go wrong. Revocation is broken by Scott Helme show why.

More Information#

There might be more information for this subject on one of the following: