As mentioned earlier, CAs periodically publish CRLs with the serial Numbers of revoked certificates.
前面已经提到,ca会定期发布列有被吊销证书序列号的CRL。
Edit: just noticed that "revoke and delete" doesn't truly delete the end entity as if they are remade the old revoked certificates are still there.
编辑:只是注意到“撤销和删除”并不真正删除结束实体,因为他们是重新创建旧的撤销证书仍然存在。
We always use certificate Revocation List to save the revoked certificates, and use Lightweight Directory Access Protocol or Online certificate Status Protocol as verification mechanism.
证书的撤销采用证书撤销列表,而用于验证证书状态的机制一般使用轻型目录存取协议或者在线证书状态协议。
应用推荐