Root Causes Episode 94: Revocation Checking Through OCSP and CRL
Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
About this talk
One essential portion of the certificate lifecycle is the ability to revoke certificates. Public SSL certificates use a pair of mechanisms to communicate this revocation status to client machines, CRL and OCSP. In this episode we explain how these mechanisms work and some of their strengths and challenges.