Certification validation system

US 20020053023A1
Filed: 02/28/2001
Published: 05/02/2002
Est. Priority Date: 08/17/2000
Status: Active Grant

First Claim

Patent Images

1. A certificate validation mechanism for a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A certificate validation mechanism is provided for a network interface. The certificate validation mechanism maintains a certificate cache containing local copies of certificates with associated validity indications. The certificate validation mechanism is operable to compare a certificate associated with a received message to the certificate cache and, where the certificate associated with the received message is held in the certificate cache, to associate with the message an indication of validity retrieved from the certificate cache. By providing a cache for certificates local to the network interface, the need always to verify a certificate by reference to a public repository is removed. If a certificate is not held in the local cache, then it can still be necessary to query the public repository. Nevertheless, the verification mechanism provides more immediate verification of certificate validity as this can be made locally without the cost and time of the remote verification at the public repository. The verification mechanism can form part of portal for a network interface.

Citations

25 Claims

1. A certificate validation mechanism for a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The certificate validation mechanism of claim 1, operable where a certificate is not recorded in the certificate cache to request verification of the validity of the certificate from a validation entity, to record the certificate along with an associated indication of validity derived from a validity verification result returned by the validation entity and to associate with the received certificate an indication of validitv.
  - 3. The certificate validation mechanism of claim 1, wherein the received certificate is received with a message, and the indication of validity is associated with the received message.
  - 4. The certificate validation mechanism of claim 3, wherein the message is an email message.
  - 5. The certificate validation mechanism of claim 3, operable to supply the message to a display engine with the associated certificate validity information.
  - 6. The certificate validation mechanism of claim 3, operable to supply summary information regarding one or more messages to a display engine for display of message summary information including certificate validity information.
  - 7. The certificate validation mechanism of claim 1 for supporting multiple users, wherein the certificate validation mechanism maintains a certificate cache for each user.
  - 8. The certificate validation mechanism of claim 1, comprising a system certificate cache containing certificates and associated validation indications for potential users, the certificate validation mechanism being responsive to a user log on request to verify the validity of a certificate of a user with reference to the system certificate cache.

9. A network interface for interfacing at least one user to a network, the network interface providing a portal defining a user network environment and including a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
- View Dependent Claims (10, 11, 15, 19, 20, 21, 22, 23, 24, 25)
- - 10. A network interface according to claim 9, further comprising an e-mail gateway, the portal being connected to receive e-mail messages via the e-mail gateway.
  - 11. A network interface according to claim 9, further comprising at least one web browser.
  - 15. The computer system of claim 14, comprising a network interface for interfacing at least one user to a network environment and including a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.
  - 19. The method of claim 18, comprising requesting verification of the validity of the certificate from a validation entity where a certificate is not recorded in the certificate cache, recording the certificate along with an associated indication of validity derived from a validity verification result returned by the validation entity and associating with the received certificate an indication of validity.
  - 20. The method of claim 18, wherein the received certificate is received with a message, and the indication of validity is associated with the received message.
  - 21. The method of claim 20, wherein the message is an email message.
  - 22. The method of claim 18, comprising displaying a received message with the associated certificate validity information.
  - 23. The method of claim 18, comprising displaying summary information for one or more messages with certificate validity information.
  - 24. The method of claim 18, including maintaining a certificate cache for each of a plurality of users.
  - 25. The method of claim 18, comprising recording certificates and associated validation indications for potential users in a system certificate cache, and responding to a user log on request to verify the validity of a certificate of a user with reference to the system certificate cache.

12. A program element comprising program code operable to provide a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

13. A program element comprising program code operable to provide a network interface for interfacing at least one user to a network, the network interface providing a portal defining a user network environment and including a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

14. A computer system comprising memory, a processor and a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

16. A computer network comprising at least one computer system connected to at least one further computer via a network, the computer system comprising memory, a processor and a certificate validation mechanism, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

17. A computer network comprising at least one computer system connected to at least one further computer via a network, the computer system comprising a network interface, the certificate validation mechanism being operable to maintain a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, to associate with the received certificate an indication of validity retrieved from the certificate cache.

18. A method of validating a certificate, the method comprising maintaining a certificate cache that records certificates on which verification of validity has been performed along with an associated indication of validity resulting from the validity verification and being operable to check whether a received certificate is recorded in the certificate cache and, where the received certificate is recorded in the certificate cache, associating with the received certificate an indication of validity retrieved from the certificate cache.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Patterson, Andrew John, Cameron, Nicola, Day, Hilton

Granted Patent

US 6,996,711 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 63/0823 using certificates cryptogr...

H04L 63/123 received data contents, e.g...

Certification validation system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Certification validation system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links