76.2k views
3 votes
Which of the following solutions allow to check whether a digital certificate has been revoked? (Select 2 answers)

A. CIRT
B. CRL
C. OCSP
D. CSR
E. Key escrow

1 Answer

5 votes

Final answer:

To check whether a digital certificate has been revoked, the Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) can be used, both of which serve the process of validating a certificate's status to maintain security.

Step-by-step explanation:

The solutions that allow checking whether a digital certificate has been revoked are the Certificate Revocation List (CRL) and the Online Certificate Status Protocol (OCSP).

CRL is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date. A digital certificate is revoked when it is determined that it should no longer be trusted, often for reasons such as compromise, the cessation of operation, or a change in the information contained in the certificate.

Conversely, OCSP serves a similar purpose as CRL but operates in real-time. Rather than downloading a complete list of revoked certificates, OCSP allows for an on-demand, specific inquiry to check the revocation status of an individual certificate. The requesting entity (client or server) sends a query to the OCSP responder, which in turn returns the status of the certificate without the need for the client to parse a complete list.

User DefaultUsernameN
by
7.9k points