Full formTechnology
CRLstands forCertificate Revocation List
Full Form of CRL
What is CRL?
A Certificate Revocation List (CRL) is a digital document maintained by a Certificate Authority (CA) that contains the serial numbers of certificates that have been revoked before their scheduled expiry date. In the Indian context, CRLs are crucial for the security of public key infrastructure (PKI) systems used in e-governance initiatives such as Aadhaar, DigiLocker, and income tax filings. When a digital certificate is compromised—due to key leakage, employee departure, or organisational change—the CA publishes an updated CRL, which is then downloaded and checked by relying parties (browsers, servers, validation systems) to ensure they do not trust the revoked certificate. CRLs are periodically refreshed, typically every 24 hours, and their size can grow significantly as more certificates are revoked. They are a fundamental component of PKI trust models and are complementary to online validation protocols like OCSP. For Indian competitive exams like UPSC, GATE, and banking IT sections, understanding CRL is important for questions on network security, cryptography, and digital signature laws under the Information Technology Act, 2000. Without CRLs, the integrity of digital transactions and electronic contracts in India would be severely compromised.
CRL का फुल फॉर्म
प्रमाणपत्र निरस्तीकरण सूची
Example
The CA issued an updated CRL after detecting that the private key of a government department's SSL certificate was exposed, and all browsers automatically checked the CRL before establishing a secure connection.
CRL — frequently asked questions
What is the full form of CRL?
The full form of CRL is Certificate Revocation List. It is a list of digital certificates that have been revoked by a Certificate Authority before their expiration date.
How is CRL used in Indian e-governance?
In India, CRL is used to revoke compromised digital certificates for Aadhaar authentication, DigiLocker documents, and online tax filings, ensuring that only valid and trusted certificates are used for electronic transactions.
What is the difference between CRL and OCSP?
CRL is a periodically published list of all revoked certificates, while OCSP (Online Certificate Status Protocol) provides real-time, individual certificate status checks without downloading a full list. CRL is simpler but can become large, whereas OCSP is more bandwidth-efficient.