The finance department works with a bank which has recently had a number of cyber attacks. The finance
department is concerned that the banking website certificates have been compromised. Which of the following
can the finance department check to see if any of the bank’s certificates are still valid?
Bank’s private key
Bank’s key escrow
Bank’s recovery agent
The finance department can check if any of the bank’s certificates are in the CRL or not. If a certificate is not in
the CRL, then it is still valid.
The CRL (Certificate revocation list) is exactly what its name implies: a list of subscribers paired with digital
certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of
certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed
date for the next release.