Certificate Revocation Lists


As required by the VillageMall's Relying Party Agreement, all relying parties must check that any certificate within the VillageMall Certification path is not on a VillageMall CA Certificate Revocation List.

Automatic Checking of Subscriber Certificates

VillageMall requires that any Relying Party uses a application that makes use of X.509 standard CRL distribution points to obtain and  check CRL's. 

VillageMall uses and recommends Microsoft IE5, Outlook Express and Outlook 2000 clients for this purpose.

A relying Party may use any application software that correctly follows the automatic checking as required by X.509, the use of any products not recommended by VillageMall is at the Relying parties total risk.

Manual Checking of certificates

A Relying Party or Subscriber can manually check the contents of a VillageMall CA CRL by following the following steps:

Step 1 Open the VillageMall CA certificate

Locate the URL of the CRL Distribution point.

In the example above this is Network Certification Authority(10).crl

Step 2 Open the VillageMall CA CRL

Step 2 Select the "Revocation List" Tab

Check that the serial number of any certificate that you wish to rely upon is not listed.

Automatic Checking of Server Certificates

If a Relying Party wished to ensure that any VillageMall server certificates are also checked automatically on connection for  entry within a VillageMall CRL(s); the following steps must be performed.

Step 1 Open your IE5 browser

Step 2 Open Tools->Internet Options-> Advanced

Step 3 Select Security-> Select "Check for server certificate revocation"

Step 4 Close the browser.

If you have any questions about performing these operations, please contact VillageMall before relying on any VillageMall CA issued certificates.