Certificating authority trust evaluation

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Anooshiravan Saboor · Seattle, US
• Muhammad Umar Janjua · Bellevue, US
• Nelly Porter · Kirkland, US
• Philip J. Hallin · Port Townsend, US
• Haitao Li · Dongguan, CN
• Xiaohong Su · Issaquah, US
• Kelvin Yiu · Bellevue, US
• Anthony Penta · Bellevue, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0823
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

In many information security scenarios, a certificate issued by a certificating authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificating authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for providing a certificating authority trust service that collects and evaluates certificates submitted to clients by certificating authorities, and advises the clients of a certificating authority trust level for respective certificating authorities (e.g., determined as a consensus of the evaluated certificates issued by the certificating authority). The clients may use a certificating authority trust set distributed by the certificating authority trust service to determine whether to trust a certificate issued from a particular certificating authority.