The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
A certificate authority (CA) in a network issues and manages security credentials and public keys form message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. When a certificate is issued, it is expected to be in use for its entire validity period, i.e., until its expiration date is reached. However, various circumstances may cause a certificate to become invalid prior to the expiration of the validity period. Under such circumstances, the CA needs to revoke the certificate. Revocation of a certificate may be accomplished through the use of a certificate revocation list (CRL). When a certificate is revoked the CA may add an identifier associated with the certificate to the CRL.