Splicing into an active TLS session without a certificate or private key
US9137218B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 2, 2014 |
| Grant date | Sep 15, 2015 |
| Priority date | — |
| Expiry date | May 17, 2034 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L9/0844
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
An origin server selectively enables an intermediary (e.g., an edge server) to shunt into and out of an active TLS session that is on-going between a client and the origin server. The technique allows for selective pieces of a data stream to be delegated from an origin to the edge server for the transmission (by the edge server) of authentic cached content, but without the edge server having the ability to obtain control of the entire stream or to decrypt arbitrary data after that point. The technique enables an origin to authorize the edge server to inject cached data at certain points in a TLS session, as well as to mathematically and cryptographically revoke any further access to the stream until the origin deems appropriate.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.