A certificate trust list (CTL) enables you to limit the purpose and the validity period for which a certificate is trusted, even when it may have been issued for multiple purposes.

Typically, a CA can issue certificates for a wide variety of purposes, such as secure e-mail or client authentication. There might be situations in which you want to limit the trust of certificates that are issued by a particular CA, especially if the CA is outside your organization. In these situations, creating a CTL and distributing it by using Group Policy can be useful.

The Trust List tab lists the certificates contained within the CTL and significant values associated with each certificate.

The General tab contains information about the CTL itself, including the version number, effective date, algorithms, and subject usage.