"CRL" is a "Certificate Revocation List," and it's a list of SSL web security certificates that should no longer be trusted. These could have expired, been stolen or otherwise removed from service, and it's part of a security infrastructure supported by Verisign. Your system is merely trying to get the latest list of revoked certificates so it won't accept them as "valid" any longer. The activity is innocuous and won't hurt anything. You trust Verisign for a lot more than this every day.

It is dumb, however, that visiting crl.verisign.net brings up a list of files whose purpose is not obvious; it raises many more questions than it answers. Many of us believe they ought to put up an "index.html" page that describes why the server is there.

got feedback? got feedback?

Any feedback you provide is sent to the owner of this FAQ for possible incorporation and shown publically as well.

by Steve edited by JMGullett
last modified: 2007-05-31 16:11:25