
Network security with surrogate digital certificates

  • US 10,397,006 B2
  • Filed: 02/13/2017
  • Issued: 08/27/2019
  • Est. Priority Date: 02/13/2017
  • Status: Active Grant
First Claim

1. A system, comprising:

  • a computer system that includes a processor; and

  • memory containing executable instructions that, as a result of execution by the processor, cause the system to:

      • receive a certificate chain transmitted from a server to a client, the certificate chain comprising:

          • an intermediate certificate comprising an intermediate authority public key and intermediate subject information, wherein validity of the intermediate certificate is cryptographically verifiable based at least in part on a first chain of trust between the intermediate certificate and a trusted root certificate; and

          • an end-entity certificate comprising an end-entity public key, wherein validity of the end-entity certificate is cryptographically verifiable based at least in part on the intermediate authority public key;

      • generate a surrogate certificate chain by:

          • obtaining a surrogate intermediate certificate comprising a surrogate intermediate authority public key and subject information associated with the intermediate subject information, wherein validity of the surrogate intermediate certificate is cryptographically verifiable based at least in part on a second chain of trust between the surrogate intermediate certificate and a trusted surrogate root certificate; and

          • obtaining a surrogate end-entity certificate comprising a surrogate end-entity public key and subject information associated with end-entity subject information of the surrogate end-entity certificate, wherein the surrogate end-entity certificate is digitally signed using a surrogate intermediate authority private key corresponding to the surrogate intermediate authority public key; and

      • transmit the surrogate certificate chain to the client as a replacement for the certificate chain.
