Revocation of a certificate and exclusion of other principals in a digital rights management (DRM) system based on a revocation list from a delegated revocation authority

Assignee

• Microsoft Corporation · US

Inventors

• Blair B. Dillaway · Redmond, US
• Philip J. Lafornara · Kirkland, US
• Brian A. LaMacchia · Seattle, US
• Rushmi U. Malaviarachchi · Redmond, US
• John L. Manferdelli · San Francisco, US
• Charles F. Rose, III · Redmond, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/603
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A digital certificate identifies an entity as having authority over the certificate to revoke same as delegated by the issuer. The certificate also has at least one revocation condition relating to possible revocation of the certificate. To authenticate the certificate, the identification of the delegated revocation authority, a location from which a revocation list is to be obtained, and any freshness requirement to be applied to the revocation list are determined from the certificate. It is then ensured that the revocation list from the location is present and that the present revocation list satisfies the freshness requirement, that the revocation list is promulgated by the delegated revocation authority identified in the certificate, and that the certificate is not identified in the revocation list as being revoked.