After completing this lesson, the learner will understand how certificates are revoked using certficate revocation lists and the Online Certificate Status Protocol (OCSP)
- [Voiceover] The security of digital certificates…depends upon the security of the private key…associated with that certificate.…If the certificate owner's private key is compromised,…the owner needs a way to revoke the digital certificate…so that it can't be used to impersonate the owner later on.…There are two different methods…for revoking a digital certificate.…Both are maintained by the certificate authority…who issued the certificate.…The original approach is the…Certificate Revocation List or CRL.…
Under this approach, when the CA…wished to revoke a digital certificate,…it simply placed the serial number of that certificate…on the CA's Certificate Revocation List.…Anyone accessing a digital certificate…is responsible for downloading the CRL…and verifying that the serial number…is not included on that list…before relying upon the public key…contained within the certificate.…This approach was inefficient…because it often had time delays…and consumed a lot of network bandwidth,…as everyone on the internet…attempted to download CRLs every day…
This course is part of a six-course series on the CompTIA Security+ exam, and is useful for IT professionals who wish to learn more about information security as well as students preparing to take the Security+ exam.
We are now a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Choosing encryption algorithms
- Applying symmetric and asymmetric cryptography standards
- Implementing key management, including key exchange and key stretching
- Working with public keys, trust models, and digital certificates
- Using transport encryption protocols
- Securing wireless networks
Skill Level Intermediate
2. Symmetric Cryptography
3. Asymmetric Cryptography
4. Key Management
5. Public Key Infrastructure
6. Transport Encryption
7. Wireless Security
Next steps1m 5s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.