REVINFO

REVINFO stands for Revocation Information and refers to an optional metadata attribute used in certain public key infrastructure protocols to convey the revocation status of certificates involved in a digital timestamp or signature. It is commonly associated with time-stamp tokens and other CMS-based signatures, where a trusted authority may include revocation data to support later verification.

In typical use, REVINFO carries a set of revocation information entries. Each entry records data about a certificate’s revocation status as of a specific time, often tying the status to cryptographic identifiers such as hashes of the issuer and the certificate itself. The information may reference revocation mechanisms such as certificate revocation lists (CRLs) or OCSP responses, and it aims to reflect the certificate’s state at the moment of the timestamp or signing event.

Purpose and benefits include enhancing long-term verifiability. By providing a snapshot of revocation status at the time of the token’s creation, REVINFO helps verify that the certificates used were not revoked at that time, even if revocation events occur later. This supports non-repudiation and improves confidence in the time-stamped assertion when certificates later become untrusted.

Limitations and considerations involve practical trade-offs. REVINFO increases the size of the token, relies on the availability and accuracy of up-to-date revocation data, and is not uniformly supported across all implementations. Its usefulness depends on the reliability of the revocation sources referenced (CRLs or OCSP responses) and the policies of the issuing authority.

See also: Time-Stamp Protocol, CMS, PKI.
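
The check that embedded revocation entries make possible can be modelled as follows. This is an added example, not code or a wire format from any REVINFO specification or implementation. The `RevEntry` fields, the `status_at` function and the rule that a clean entry only counts when its validity window covers the token time are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from hashlib import sha256
from typing import Optional, Sequence

@dataclass(frozen=True)
class RevEntry:                      # hypothetical in-memory model, not a wire format
    issuer_hash: bytes               # SHA-256 of the issuer certificate
    cert_hash: bytes                 # SHA-256 of the certificate itself
    source: str                      # "CRL" or "OCSP"
    this_update: datetime            # start of the period the source vouches for
    next_update: datetime            # end of that period
    revoked_at: Optional[datetime]   # None if the source lists no revocation

def status_at(entries: Sequence[RevEntry], issuer: bytes, cert: bytes,
              token_time: datetime) -> str:
    """Return 'revoked', 'good' or 'unknown' for cert as of token_time."""
    key = (sha256(issuer).digest(), sha256(cert).digest())
    verdict = "unknown"              # no matching or usable entry: fail closed
    for e in entries:
        if (e.issuer_hash, e.cert_hash) != key:
            continue                 # entry is bound to a different certificate
        if e.revoked_at is not None:
            if e.revoked_at <= token_time:
                return "revoked"     # revoked at or before the token was created
            verdict = "good"         # revoked only later: still valid at token_time
        elif e.this_update <= token_time <= e.next_update:
            verdict = "good"         # clean snapshot whose window covers token_time
    return verdict

def utc(day: int, hour: int = 0) -> datetime:
    return datetime(2024, 1, day, hour, tzinfo=timezone.utc)

# Constructed sample data: placeholder bytes stand in for DER-encoded certificates.
ISSUER, CERT_A, CERT_B = b"constructed-issuer", b"constructed-cert-A", b"constructed-cert-B"

def entry(cert, source, start, end, revoked=None) -> RevEntry:
    return RevEntry(sha256(ISSUER).digest(), sha256(cert).digest(),
                    source, start, end, revoked)

SAMPLE = [
    entry(CERT_A, "OCSP", utc(10), utc(11)),                  # clean one-day snapshot
    entry(CERT_B, "CRL", utc(20), utc(27), revoked=utc(15)),  # revocation recorded later
]

if __name__ == "__main__":
    for label, cert, t in [("A inside window", CERT_A, utc(10, 12)),
                           ("A outside window", CERT_A, utc(12)),
                           ("B before revocation", CERT_B, utc(14)),
                           ("B after revocation", CERT_B, utc(16))]:
        print(f"{label}: {status_at(SAMPLE, ISSUER, cert, t)}")
```

The "unknown" result for a stale or missing entry reflects the dependence on available, up-to-date revocation data: a verifier applying this policy has to fall back to live CRL or OCSP sources rather than treat the certificate as good.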