CRLs are lists issued by a State to revoke any of its certificates that have been compromised. In addition, CRLs also serve to confirm that no such revocations exist for any of their certificates (i.e. a null CRL). CRLs must be issued every 90 days, even if no certificates have been revoked since the previous CRL was issued. CRLs are also digitally signed and can therefore be validated against the corresponding CSCA certificate.
