Abstract:
Based on an analysis of the algorithm, performance and problems of a novel certificate revocation approach called the windowed revocation mechanism, this paper proposes a new and more efficient certificate revocation mechanism. The new mechanism integrates windowed certificate revocation with the Delta-CRL mechanism and uses an effective method to avoid replay attacks. It satisfies the scalability and flexibility requirements of a certificate revocation mechanism and, at the same time, can provide near real-time certificate status when required. The design and performance of the new mechanism are analyzed in this paper.