CRL_DIST_POINT structure (wincrypt.h)

The CRL_DIST_POINT structure identifies a single certificate revocation list (CRL) distribution point that a certificate user can reference to determine whether certificates have been revoked. A certificate user can obtain a CRL from an applicable distribution point or can obtain a current complete CRL from the certification authority (CA) directory entry.

The CRL_DIST_POINT structures are the elements in the array member of a CRL_DIST_POINTS_INFO structure.

Syntax

typedef struct _CRL_DIST_POINT {
  CRL_DIST_POINT_NAME DistPointName;
  CRYPT_BIT_BLOB      ReasonFlags;
  CERT_ALT_NAME_INFO  CRLIssuer;
} CRL_DIST_POINT, *PCRL_DIST_POINT;

Members

DistPointName

A CRL_DIST_POINT_NAME structure that identifies the location of a CRL source. If NULL, the distribution point name defaults to the CRLIssuer name.

ReasonFlags

A CRYPT_BIT_BLOB that contains a byte that indicates the revocation reasons covered by the CRL.

If NULL, the indicated CRL distribution point distributes a CRL that will contain an entry for this certificate if this certificate has been revoked, regardless of the revocation reason.

The following are currently defined ReasonFlags values. For revocations of several reasons, combine these ReasonFlags by using a bitwise-OR operation.

• CRL_REASON_UNUSED_FLAG
• CRL_REASON_KEY_COMPROMISE_FLAG
• CRL_REASON_CA_COMPROMISE_FLAG
• CRL_REASON_AFFILIATION_CHANGED_FLAG
• CRL_REASON_SUPERSEDED_FLAG
• CRL_REASON_CESSATION_OF_OPERATION_FLAG
• CRL_REASON_CERTIFICATE_HOLD_FLAG

CRLIssuer

A CERT_ALT_NAME_INFO that identifies the authority that issued and signed the CRL. If NULL, the issuer name defaults to the issuer name of the certificate.

Requirements

Requirement	Value
Minimum supported client	Windows XP [desktop apps only]
Minimum supported server	Windows Server 2003 [desktop apps only]
Header	wincrypt.h

See also

CRL_DIST_POINTS_INFO

CRL_DIST_POINT_NAME