Which is a list of certificates that are no longer trusted?

In PKI, certificates can be revoked before they expire if their private keys are compromised or policies change. The Certificate Revocation List is exactly the mechanism that communicates which certificates should no longer be trusted. It is published by the Certificate Authority and contains the serial numbers of certificates that have been revoked. When a client encounters a certificate, it can check this list (or use an online service) to determine trust; if the certificate’s serial number is on the list, it should be treated as untrusted. The other terms relate to different parts of the PKI process or to a data-security technique, not to listing revoked certificates: a Certificate Authority issues certificates; a Registration Authority handles enrollment and verification; and tokenization is a data-substitution method.