CRL is the abbreviation of Certificate Revocation List. The serial number of the user certificate that has not expired but has been declared invalid is recorded in the CRL for the certificate user to query and use when authenticating the other party's certificate. CRLs are often called certificate blacklists. When validating a certificate or signature, an application can determine whether a given certificate is still trusted by checking the CRL (some applications use the Microsoft Certificate Chain Verification API in CryptoAPI to accomplish this task). If untrustworthy, the application can determine whether the reason or date for revocation has any impact on the use of the certificate in question.