Where would you find a list of revoked certificates from a Certificate Authority (CA)?

A list of revoked certificates from a Certificate Authority (CA) is found in a Certificate Revocation List (CRL). The CRL is a crucial component of public key infrastructure (PKI) and is maintained by the CA to provide information about certificates that are no longer valid before their expiration date. This can occur due to various reasons, such as key compromise, cessation of operation, or a change in the user's status.

The CRL is periodically updated and serves as an essential tool for ensuring that users and systems can verify the validity of a certificate before trusting it for secure communications. By consulting the CRL, one can determine if a particular certificate has been revoked, thus maintaining the integrity of the security environment.

In contrast, other options like the Registration Authority (RA) are responsible for accepting requests for digital certificates and authenticating the entity making the request, rather than managing revocation. RFC refers to Request for Comments, which are documents published by the Internet Engineering Task Force (IETF) that outline specifications and protocols. The CA itself issues and manages certificates but is wherein the CRL is actually housed to manage revocation information.