Method and apparatus improving efficiency of end-user certificate validation
US7290133B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Nov 17, 2000 |
| Grant date | Oct 30, 2007 |
| Priority date | — |
| Expiry date | Mar 29, 2023 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/3263
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An apparatus and method collects, for a community of interest, at least one cross certificate associated with an anchor certificate issuing unit, and obtains at least one certificate issuing unit public key and an associated unique identifier for a cross-certified certificate issuing unit identified by the at least one cross certificate. For example, a certificate issuing unit, client unit, or other suitable unit, searches for one or up to all certification authorities or certificate issuing units that it can trust based on cross certificate chains. This is done, for example, from a given trust anchor. The apparatus selects those obtained certificates that satisfy, for example, some search criteria, such as what policy must be enforced in each certificate, for example, the allowed path length or depth that the apparatus is allowed to evaluate, and creates a signed certificate set, such as a list of all trusted certificate issuing units from the perspective of a given trust anchor. Accordingly, the apparatus and method creates a signed certificate set identifying certificate issuing units determined to be trusted by the anchor certificate issuing unit based on the cross certificates…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.