Certification validation system
First Claim
1. A certificate validation mechanism for a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
3 Assignments
0 Petitions
Accused Products
Abstract
A certificate validation mechanism is provided for a network interface. The certificate validation mechanism maintains a certificate cache containing local copies of certificates with associated validity indications. The certificate validation mechanism is operable to compare a certificate associated with a received message to the certificate cache and, where the certificate associated with the received message is held in the certificate cache, to associate with the message an indication of validity retrieved from the certificate cache. By providing a cache for certificates local to the network interface, the need always to verify a certificate by reference to a public repository is removed. If a certificate is not held in the local cache, then it can still be necessary to query the public repository. Nevertheless, the verification mechanism provides more immediate verification of certificate validity as this can be made locally without the cost and time of the remote verification at the public repository. The verification mechanism can form part of portal for a network interface.
-
Citations
25 Claims
- 1. A certificate validation mechanism for a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
- 9. A network interface for interfacing at least one user to a network, the network interface providing a portal defining a user network environment and including a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
12. A program element comprising program code operable to provide a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
13. A program element comprising program code operable to provide a network interface for interfacing at least one user to a network, the network interface providing a portal defining a user network environment and including a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
14. A computer system comprising memory, a processor and a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
16. A computer network comprising at least one computer system connected to at least one further computer via a network, the computer system comprising memory, a processor and a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
17. A computer network comprising at least one computer system connected to at least one further computer via a network, the computer system comprising a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
-
18. A method of validating a certificate, the method comprising maintaining a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, associating with the received certificate an indication of validity retrieved from the certificate cache.
Specification