About Revocation

Revocation is the process of invalidating a CSOS Certificate before its expiration date. The CSOS CA places invalidated certificates on a Certificate Revocation List (CRL) that is checked by all suppliers before a CSOS transaction is completed. Revocation may be performed by the certificate's owner. Registrants may revoke subordinate certificates, such Coordinators and POAs. Coordinators may revoke POAs. Additionally, the CSOS CA or PMA may revoke certificates.

Reasons for Revocation

Common reasons for revocation include:

• Termination of the subscriber's employment
• Changes in subscriber information
  • Change of E-mail address
• Changes in DEA Registration information
  • Registration number changed or no longer used
  • Change of authorized schedules
  • Change of address or registration name
• Policy violations
• Private key compromise (i.e. theft and/or unauthorized usage)

Revocation Methods

Certificates may be revoked by the following individuals:

• The subscriber (i.e. owner of the certificate)
• The subscriber's CSOS Registrant
• DEA Diversion Investigators

Results of Revocation

Revoked certificates are permanently added to the CSOS CA's Certificate Revocation List (CRL). Since suppliers are required to check this list to verify the validity of each Certificate, revoked certificates will not pass validation.