Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Model of Cerificate Revocation



David A. Cooper


This paper presents a model for the distribution of revocation information using certificate revocation lists (CRLs). This model is used to highlight inefficiencies in the traditional method of distribution certificate status information using CRLs. Two alternative CRL-based revocationdistribution mechanisms, over-issued CRLs and segmented CRLs, are then presented. The original model is then expanded to encompass each of the alternative mechanisms and these expanded models are used to demonstrate the advantages of the alternative mechanisms to the traditional method. Finally, the paper offers some suggestions for choosing the best CRL-based revocation distribution mechanism for any particular environment.
Proceedings Title
Fifteenth Annual Computer Security Applications Conference
Conference Dates
December 6-10, 1999
Conference Title
Computer Security Applications Conference


certificate revocation, certificate revocation list, certification authority, CRL


Cooper, D. (1999), A Model of Cerificate Revocation, Fifteenth Annual Computer Security Applications Conference (Accessed June 18, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created December 1, 1999, Updated February 17, 2017