Final answer:
Certificate revocation lists (CRLs) are needed to address various security concerns in the use of digital certificates, including stolen private keys and websites not using HTTPS. CRLs help identify revoked or invalid certificates and prevent potential attacks. Therefore, the correct answer is Choice 5: all of the above.
Step-by-step explanation:
Certificate revocation lists (CRLs) are needed to address various security concerns in the use of digital certificates. One of the reasons we need CRLs is because private keys used to sign certificates can be stolen (Choice 3 of 6). If a private key is compromised, the certificate associated with that key becomes invalid and needs to be revoked. CRLs provide a mechanism for revoking such certificates, ensuring that they are no longer trusted.
In addition, some websites do not use the secure HTTPS protocol (Choice 2 of 6), which is designed to protect the confidentiality and integrity of data transmitted over the internet. These websites may not have valid certificates or may have certificates that need to be revoked. CRLs help identify revoked or invalid certificates, allowing users to be warned or denied access to such sites.
Lastly, although HTTPS offers encryption and authentication, it does not provide perfect forward security (Choice 4 of 6). Perfect forward security ensures that if a private key is compromised, past communications using that key cannot be decrypted. CRLs help prevent potential attacks by revoking certificates associated with compromised keys.
Therefore, the correct answer to the question is Choice 5 of 6: all of the above. Certificate revocation lists address different issues related to invalid or compromised certificates, ensuring the security of digital communication.