Summary

The article provides information about CRL Data and CRL Data Format for Validation Authority.

Details

In what format does VA Publisher publish the CRLs to the VA?
A: It is packaged in PKCS7 envelope.

In what format does the VA store the files is gets from the VA Publisher?
A: CRL storage is internal to VA. It is not directly exposed to outside world.

Are the CRLs files under the entserv\crls directory the CRL files as published by the CA? 
A: Every CA has its own folder created under entserv\crls directory. It contains CRLs published by CA and the storage is optimized for better performance.

How does the VA come up with the name for each of crl directory? 
A: Hashed CA issuer name is used to name the CA CRL folder.

What is in the crl.dat file?
A: This is the latest CRL file published to VA.

What is in the crl.db.bin? 
A: It contains the stack of full and delta CRLs published to VA.

When the VA is restarted what files does it read to get the crl data for all CAs?
A: It reads the crl.dat file which is the latest CRL published to VA.

Does the VA load all the CRL data into memory?”
A: It does so only in case of responder model of VA.