Applied Cryptography

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Applied Cryptography
Classical (Symmetric) Cryptography
Modern Symmetric Cryptography
Cipher Modes
Cryptographic Hashing
RSA & Related Subjects
Asymmetric Key Management
Digital Signatures

Powered by GitBook

On this page

Certificate revocation lists (CRL)

PreviousRefreshing of asymmetric key pairs NextValidity of signatures

Last updated 10 months ago

Base or delta.

Complete / differences.

Signed list of identifiers of prematurely invalidated certificates.

Can tell the revocation reason.
Must be regularly fetched by verifiers.
- e.g. once a day.

Single certificate validations.

OCSP (RFC 6960) query/response.
OCSP stapling (RFCs 6066, 6961, 8446).

Publication and distribution of CRLs.

Each CA keeps its CRL and allows public access to it.
CAs exchange CRLs to facilitate their widespread.

CRL and Delta CRL