Revocation is the process of invalidating a CSOS Certificate before its expiration date. The CSOS CA places invalidated certificates on a Certificate Revocation List (CRL) that is checked by all suppliers before a CSOS transaction is completed. Revocation may be requested by the certificate's owner or a coordinator for the certificate's associated DEA Registration. Additionally, the CSOS CA or PMA may revoke certificates.
Reasons for Revocation
Common reasons for revocation include:
- Termination of the subscriber's employment
- Changes in subscriber information
- Legal name change
- Change of E-mail address
- Changes in DEA Registration information
- Registration number changed or no longer used
- Change of authorized schedules
- Change of address or registration name
- Policy violations
- Private key compromise (i.e. theft and/or unauthorized usage)
Certificates may be revoked by digitally signed E-mail (preferable) or phone call. All requests will be thoroughly authenticated by the CSOS CA.
Certificates may be revoked by the following individuals:
- The subscriber (i.e. owner of the certificate)
- The subscriber's CSOS Coordiantor
- The DEA Registrant
- If no coordinator exists, and/or the subscriber is the DEA Registrant, certificates may be revoked by a supervisor via phone call and postal mailed letter
- The CSOS CA or PMA
Results of Revocation
Revoked certificates are permanently added to the CSOS CA's Certificate Revocation List (CRL). Since suppliers are required to check this list to verify the validity of each Certificate, revoked certificates will not pass validation.
Return to Certificate Management