If a private key becomes compromised before its certificate’s normal expiration, X.509 defines a method requiring each CA (Certificate Authority) to periodically issue a signed data structure called a certificate:
A.
Enrollment list
B.
Expiration list
C.
Revocation list
D.
Validation list
Explanation:
Certification revocation is the process of revoking a certification before it expires. A certificate may need to be revoked because it was stolen, an employee moved on to a new company, or someone has had their access revoked.
Reference: Security + (SYBEX) page 337