"CRL" is a "Certificate Revocation List," and it's a list of SSL web security certificates that should no longer be trusted. These could have expired, been stolen or otherwise removed from service, and it's part of a security infrastructure supported by Verisign. Your system is merely trying to get the latest list of revoked certificates so it won't accept them as "valid" any longer. The activity is innocuous and won't hurt anything. You trust Verisign for a lot more than this every day.
It is dumb, however, that visiting crl.verisign.net brings up a list of files whose purpose is not obvious; it raises many more questions than it answers. Many of us believe they ought to put up an "index.html" page that describes why the server is there.
 feedback form
 feedback form
by Steve  edited by JMGullett
last modified: 2007-05-31 16:11:25 |
