certificate revocation lists (CRLs)

A Certificate Revocation List (CRL) is a regularly updated list maintained by a certificate authority that shows digital certificates—like digital IDs—that are no longer trusted. If a certificate has been compromised or should no longer be used, it gets added to this list. When your device or software checks a certificate, it can consult the CRL to ensure the certificate is still valid and trustworthy. This helps prevent fraud or security breaches by blocking access to revoked certificates and maintaining the integrity of secure communications.