0 votes

The IEC 62443-4-2 component requirement CR 1.9 "Strength of public key-based authentication" states:

For components that utilize public-key-based authentication, those components shall provide directly or integrate into a system that provides the capability within the same IACS environment to: … c) validate certificates by checking a given certificate’s revocation status;

Which approach is used for certificate revocation for the TLS-encrypted communication with Azure IoT Hub: Online Certificate Status Protocol (OCSP) and/or Certificate Revocation Lists (CRLs)?

Is certificate revocation validation supported in the Azure IoT SDKs?

1 Answer

0 votes

IoT Hub does not perform certificate revocation checks as of now. You need to explicitly disable devices to prevent them from connecting.