The communication using an electronic certificate between information processing devices connected via a network requires a certificate revocation list (hereinafter referred to as a “CRL”). The CRL is a list for determining whether the electronic certificate is valid when an authentication using the electronic certificate is performed for communication. An example of a method for obtaining the certificate revocation list (hereinafter called a “CRL”) includes the following processes. At first, the certificate revocation list is registered and stored in a server managed by a certificate authority which has issued the electronic certificate. That is, this method uses a client-server system in which the certificate revocation list is stored in a server and published to the client device. The client device accesses the server when necessary, thereby obtaining the certificate revocation list published to the public.