From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Revoke a digital certificate
From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering
Revoke a digital certificate
- [Instructor] The security of digital certificates depends upon the security of the private keys associated with those certificates. If the certificate owner's private key is compromised, the owner needs a way to revoke the digital certificate so that it can't be used to impersonate them. There are two methods for revoking a digital certificate. Both are maintained by the certificate authority who issued the certificate. The original approach is the certificate revocation list or CRL. When the CA wishes to revoke a digital certificate using the CRL, it places the serial number of that certificate on its CRL. Anyone accessing a digital certificate is responsible for downloading the certificate revocation list and verifying that the serial number of the certificate they're verifying is not included on that list before relying upon the certificate. Now, this approach is inefficient because it often has time delays and consumes…
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
Trust models2m 52s
-
PKI and digital certificates4m 5s
-
Hash functions7m 38s
-
Digital signatures3m 51s
-
Digital signature standard1m 40s
-
Create a digital certificate4m 55s
-
Revoke a digital certificate1m 41s
-
Certificate stapling2m 29s
-
Certificate authorities6m 13s
-
Certificate subjects3m 35s
-
Certificate types2m 55s
-
Certificate formats2m 30s
-
-
-
-
-
-