Skip to main content

Certificate Revocation

  • Living reference work entry
  • First Online:
Encyclopedia of Cryptography, Security and Privacy
  • 30 Accesses

Definition

Certificate revocation is the process of attempting to ensure that a certificate that should no longer be considered valid is not used by relying parties. Many techniques have been proposed for achieving this in different environments including simply publishing this information on a publicly accessible list and hoping that a relying party will consult this list before using the certificate.

Applications

A certificate (Certificate and Certification Authority) is a binding between a name of an entity and that entity’s public key pair (Public Key Cryptography). Normally, this binding is valid for the full lifetime of the issued certificate. However, circumstances may arise in which an issued certificate should no longer be considered valid, even though the certificate has not yet expired. In such cases, the certificate may need to be revoked (a process known as certificate revocation). Reasons for revocation vary, but they may involve anything from a change in job status to a...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

References

  • Adams C, Lloyd S (2003) Understanding PKI: concepts, standards, and deployment considerations, 2nd edn. Addison-Wesley, Reading. Chapter 8

    Google Scholar 

  • Freeman T, Housley R, Malpani A, Cooper D, Polk W (2007) Server-based certificate validation protocol (SCVP). Internet request for comments 5055

    Google Scholar 

  • Housley R, Polk T (2001) Planning for PKI: best practices guide for deploying public key infrastructure. Wiley, New York

    Google Scholar 

  • ITU-T Recommendation X.509 (2000) Information technology – open systems interconnection – the directory: public key and attribute certificate frameworks (equivalent to ISO/IEC 9594–8:2001)

    Google Scholar 

  • Myers M, Ankney R, Malpani A, Galperin S, Adams C (1999) X.509 Internet public key infrastructure: online certificate status protocol – OCSP. Internet request for comments 2560

    Google Scholar 

  • Pinkas D, Housley R (2002) Delegated path validation and delegated path discovery protocol requirements. Internet request for comments 3379

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Carlisle Adams .

Editor information

Editors and Affiliations

Section Editor information

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Science+Business Media LLC

About this entry

Check for updates. Verify currency and authenticity via CrossMark

Cite this entry

Adams, C. (2021). Certificate Revocation. In: Jajodia, S., Samarati, P., Yung, M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27739-9_71-2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27739-9_71-2

  • Received:

  • Accepted:

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27739-9

  • Online ISBN: 978-3-642-27739-9

  • eBook Packages: Springer Reference Computer SciencesReference Module Computer Science and Engineering

Publish with us

Policies and ethics