What is Certificate Revocation List [CRL]?

Certificate Revocation List: CRL Explained

A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date and should no longer be trusted. CRLs allow relying parties to verify that a certificate is still valid and has not been revoked.

Understanding Certificate Revocation Lists

Digital certificates, such as SSL/TLS certificates used to secure websites, are an essential part of public key infrastructure (PKI). They allow secure communication and transactions over the internet by establishing trust between parties.

Certificates contain information identifying the owner as well as a public key used to encrypt communication. They also have an expiration date and are digitally signed by a trusted CA.

However, sometimes certificates need to be revoked prior to expiration, such as when:

  • The certificate owner’s private key is compromised.
  • The certificate contains inaccurate information.
  • The certificate is no longer needed.
  • The certificate owner violates the CA’s policies.

CRLs provide a way to publicly revoke certificates. They are periodically issued and digitally signed by the CA that issued the certificates. When a relying party receives a certificate, they can check the latest CRL to verify the certificate hasn’t been revoked.

How Certificate Revocation Lists Work

Here is the process involved with certificate revocation lists:

  • Certificate Revocation: When a certificate needs to be revoked, the owner contacts the issuing CA and requests revocation. The CA records the revoked certificate in its database.
  • CRL Issuance: On a regular schedule, the CA generates and signs a CRL containing the serial numbers of all revoked, unexpired certificates it has issued. The CRL carries issuer information, its date and time of issuance, the next update date, and the list of revoked certificates.
  • CRL Publication: The CRL is published in a public repository whose location is typically included in the certificate itself. The repository is accessible to relying parties that want to verify certificates.
  • Certificate Validation: When a relying party receives a certificate, it consults the CRL repository and downloads the latest CRL. It verifies that the CRL is signed by the CA, then checks whether the certificate’s serial number appears in the list. This tells it whether the certificate is valid or revoked.
  • CRL Updates: CAs issue new CRLs periodically, often every few hours. Relying parties need to regularly check for and download updated CRLs to have current revocation status information.

CRL Fields and Contents

Certificate revocation lists contain the following key fields:

  • Version – The CRL format version number
  • Issuer – Identifying information about the CA that issued the CRL
  • This Update – Date and time the CRL was issued
  • Next Update – Date and time the next CRL will be issued
  • Revoked Certificates – List of revoked certificate entries, each containing:
      • Serial Number – The unique serial number of the revoked certificate
      • Revocation Date – Date and time the certificate was revoked
      • (Optional) CRL Entry Extensions – Additional information about the entry, such as the reason code
  • Signature Algorithm – Algorithm used to sign the CRL
  • Signature – CA’s digital signature over the CRL, used to verify its authenticity

Example of What a CRL Looks Like Visually

Version: 2
Issuer: /CN=CA/O=Example Company Inc
This Update: Aug 31 12:00:00 2021 GMT
Next Update: Sep 07 12:00:00 2021 GMT
Revoked Certificates:
Serial Number: 345643
Revocation Date: Aug 28 12:00:00 2021 GMT
Serial Number: 234212
Revocation Date: Aug 29 12:00:00 2021 GMT
Signature Algorithm: SHA-256
Signature: 781cf3bd...

How Relying Parties Use CRLs

When a relying party receives a certificate from an entity, here is the general process for how they use CRLs to validate it:

  • Extract the CRL distribution point URL from the certificate
  • Download the latest CRL from that URL
  • Check the CRL’s signature to verify it’s authentic
  • Check if the certificate’s serial number is in the CRL
  • If a matching serial number is found, the certificate is revoked
  • If no match is found, the certificate is valid (not revoked)

The relying party may also check the CRL’s validity period against the current date and download an updated CRL if needed. This verifies the status information is not outdated.

Most software that relies on certificates for security handles CRL checking in the background. Still, understanding how CRLs fit into the certificate validation workflow is useful.
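As an added example (not code from the original page), both sides of the process described above are shown using Go's standard crypto/x509 package: a constructed, throwaway CA issues a CRL listing the sample serial numbers, and a relying party performs the signature check, the validity-window check and the serial lookup, rejecting whenever no trustworthy, current CRL is available. The CA name, serials and dates are constructed to match the sample CRL; the stale-CRL and wrong-CA cases go slightly beyond the list above to show the fail-secure behaviour.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// makeCA builds a constructed, throwaway self-signed CA; the crlSign key usage is what
// entitles it to sign CRLs. Errors panic because this is only a fixture, not a real CA.
func makeCA(now time.Time) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), IsCA: true, BasicConstraintsValid: true,
		Subject:      pkix.Name{CommonName: "CA", Organization: []string{"Example Company Inc"}},
		NotBefore:    now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { panic(err) }
	ca, err := x509.ParseCertificate(der)
	if err != nil { panic(err) }
	return ca, key
}

// issueCRL (CA side): sign a DER CRL with one entry per revoked serial, valid from thisUpdate=now to nextUpdate=now+7d.
func issueCRL(ca *x509.Certificate, key *ecdsa.PrivateKey, serials []int64, now time.Time) ([]byte, error) {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(7 * 24 * time.Hour)}
	for _, s := range serials { // each entry carries the serial and a (constructed) revocation date
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: big.NewInt(s), RevocationTime: now.Add(-48 * time.Hour)})
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, ca, key)
}

// checkStatus (relying party): a CRL that does not parse, is not signed by the CA, or is outside its
// thisUpdate..nextUpdate window is unusable, so the answer is "reject" (fail secure); otherwise the
// serial is looked up: present means "revoked", absent means "good".
func checkStatus(crlDER []byte, ca *x509.Certificate, serial int64, now time.Time) string {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil || crl.CheckSignatureFrom(ca) != nil || now.Before(crl.ThisUpdate) || now.After(crl.NextUpdate) {
		return "reject"
	}
	for _, e := range crl.RevokedCertificates {
		if e.SerialNumber.Int64() == serial {
			return "revoked"
		}
	}
	return "good"
}
```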

Certificate Revocation List Use Cases

CRLs are commonly used to check certificate validity in situations like:

  • Web Security – Browsers checking SSL/TLS certificates from websites against a CA’s CRL.
  • Email Encryption – Email clients validating S/MIME email certificates before displaying encrypted content.
  • Document Signing – Software validating digital signatures on documents against the CRL before accepting them.
  • VPN Access – VPN servers checking client certificates against the issuing CA’s CRL before granting access.
  • Code Signing – Software verifying code signing certificates used to sign downloadable software, installers, binaries, etc.

Any application that relies on certificates as a form of identity or data security will typically use CRLs as part of the certificate verification process.

Advantages of Certificate Revocation Lists

There are several benefits to using CRLs for certificate revocation:

  • Wide Support: CRLs are universally supported across all PKI software and platforms.
  • Industry Standard: CRLs are standardized in industry standards like X.509 and are natively integrated into most crypto libraries.
  • Separate Revocation Status: Separating the certificate from revocation status simplifies and speeds up validation.
  • Flexibility: CRLs can be hosted and distributed in many different ways, offering flexible implementation.
  • Scalability: CRLs consolidate revocation information for all certificates from a CA into a single list.
  • Latency: CRLs can be cached to reduce network latency during certificate validation.
  • Fail Secure: If a CRL can’t be retrieved, certificates are rejected as a secure default behavior.

Disadvantages of CRLs

Some downsides and limitations to CRLs include:

  • Latency: There can be a delay between a certificate being revoked and relying parties receiving an updated CRL.
  • Performance: Checking large CRLs can negatively impact performance, especially on constrained devices.
  • Availability: If a CRL becomes unavailable for any reason, valid certificates will be rejected.
  • Storage: CRLs can grow very large, requiring significant storage depending on the CA and validity period.
  • Manual updates: The CRL publisher must manually create and publish new CRLs regularly.
  • Centralization: Compromise of the CRL signing key allows attackers to produce fake CRLs.
  • Privacy: CRLs reveal certificates that have been revoked which may be sensitive information.

How Often are CRLs Updated?

There is no set standard for how often CAs must issue updated CRLs. However, some common frequencies include:

  • Every Few Hours: For large CAs issuing SSL/TLS certificates, updated CRLs may be published every 2-12 hours. This ensures low latency between revocation and status updates.
  • Once Per Day: Intermediate CAs may issue CRLs daily, striking a balance between currency and overhead.
  • Weekly: Offline CAs sometimes issue weekly CRLs since rapid updates are not critical.

The frequency also depends on factors like:

  • The number and type of certificates issued.
  • The consequences of relying on a revoked certificate.
  • The number of anticipated revocations.
  • The acceptable latency for updates.

Most CAs aim to provide frequently updated CRLs to minimize the window for potential issues. The publication frequency is configurable when the CA is set up.

CRL Size Limitations

CRLs have traditionally been limited in size due to the following constraints:

  • File Size Limitations: The CRL file size was historically limited by different filesystems, protocols, and software. For example, CRL files over 4 GB were problematic.
  • Processing Overhead: Large CRLs require substantial computing resources to parse and process during certificate validation. This impacted performance.
  • Transfer Latency: Large CRL files took longer to transfer over networks which increased validation latency.

Some Ways CAs Work Around CRL Size Limitations Include

  • Using better compression algorithms to condense large CRLs.
  • Issuing separate CRLs for different classes of certificates.
  • Updating infrastructure to handle transfers of large CRLs.
  • Caching CRLs locally to avoid transfers.
  • Switching to delta CRLs which only contain changes since the last full CRL.
  • Using OCSP stapling to attach revocation status to the certificate itself.
  • Deploying alternative revocation methods like OCSP which provide real-time status.
  • Setting shorter validity periods so CRLs expire faster.
  • Only including recently revoked certificates in the CRL while older ones expire out.
  • Using partitioning schemes to split one large CRL into smaller partitioned CRLs.
  • Moving to more scalable data formats like JSON or protobuf instead of ASN.1/DER.

Conclusion

A Certificate Revocation List is a digitally signed list of revoked certificates published periodically by a CA. CRLs provide an efficient, scalable mechanism for relying parties to verify that certificates have not been revoked. They help ensure that compromised or untrusted certificates are promptly disabled across the infrastructure.

While CRLs have some limitations around availability and latency, their simplicity, universality, and security make them a foundational component of public key infrastructure trusted by major software and enterprises worldwide. They will continue playing a key role in certificate validation alongside emerging improvements like OCSP.

Understanding CRLs provides useful insight into the inner workings of certificate validation and revocation in public key cryptography.

Frequently Asked Questions

What is the purpose of a CRL?

The purpose of a certificate revocation list is to publicly share a list of revoked digital certificates that are no longer valid or trusted. This allows anyone relying on certificates to check whether a given certificate has been revoked.

How often are CRLs updated?

There is no fixed standard, but CRLs are typically updated anywhere from every few hours to once per day by most CAs. The more frequently CRLs are updated, the lower the latency between a revocation and its publication.

Where can you get a CRL?

The CRL distribution point, included in the certificate, provides a URL where the latest CRL can be downloaded. CRLs are made publicly available via web servers and other accessible repositories.

What happens if a CRL expires?

Once a CRL expires based on its Next Update field, it should no longer be relied upon. Expired CRLs should be replaced with a newer issued CRL to perform validation. If no valid CRL is available, it’s usually safer to reject all certificates rather than assume they are valid.

Can CRLs be used to check code signing certificate validity?

Yes, CRLs can be used to check the revocation status of code signing certificates used to sign software, drivers, binaries, and other digitally signed code. Windows, for example, uses CRLs to verify code signing certificates.