摘要 |
A novel system and method provide a compact representation of revocation information for conserving network bandwidth and member resources in a peer-to-peer network. Group membership certificates are assigned integer serial numbers in a range from a lowest number to a highest number. A certificate revocation list (CRL) is composed of an offset value and a bit vector. The offset value generally describes the lowest currently outstanding serial number, corresponding to the first position in the bit vector. The remaining bit positions of the bit vector represent in order of increasing value the remaining issued certificate serial numbers. The bit corresponding to the serial number of each certificate is set to reflect either a state of "not revoked," or a state of "revoked."
|