System and method for a remote access service enabling trust and interoperability when retrieving certificate status from multiple certification authority reporting components

Assignee

• EORIGINAL, INC. · US

Inventors

• Stephen F. Bisbee · Gibson Island, US
• Jack J. Moskowitz · Ellicott City, US
• Keith F. Becker · Baltimore, US
• Walter J. Hilton · Severna Park, US
• Joshua Szebenyi · Baltimore, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/56
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

A Certificate Status Service that is configurable, directed, and able to retrieve status from any approved Certification Authority (CA) is disclosed. The CSS may be used by a Trusted Custodial Utility (TCU) and comparable systems or applications whose roles are validating the right of an individual to perform a requisite action, the authenticity of submitted electronic information objects, and the status of authentication certificates used in digital signature verification and user authentication processes. The validity check on authentication certificates is performed by querying an issuing CA. Traditionally, to create a trusted Public Key Infrastructure (PKI) needed to validate certificates, complex relationships are formed by cross-certification among CAs or by use of PKI bridges. The PKI and CA interoperability problem is addressed from a different point of view, with a focus on establishing a trust environment suitable for the creation, execution, maintenance, transfer, retrieval and destruction of electronic original information objects that may also be transferable records (ownership may change hands). A TCU is concerned only with a known set of “approved CAs” although they …