A more efficient use of delta-CRLs

Delta-certificate revocation lists (delta-CRLs) were designed to provide a more efficient way to distribute certificate status information. However, as this paper shows, in some environments the benefits of using delta-CRLs will be minimal if delta-CRLs are used as was originally intended. This paper provides an analysis of delta-CRLs that demonstrate the problems associated with issuing delta-CRLs in the "traditional" manner. A new, more efficient technique for issuing delta-CRLs, sliding window delta-CRLs, is presented.