System and method for electronic certificate revocation
Abstract
A system and method of verifying whether a certificate has been revoked by providing a DNS responder containing a certificate revocation list (CRL), parsing the CRL into DNS zones, and distributing this information to the respective primary DNS responders based upon DNS zones. Information about a specific certificate is gathered by querying a DNS responder for certificate validation information, receiving such information, and reporting the results of the queries to a client software application so that the user of the system can be informed as to whether the certificate has been revoked or not.
21 Claims
1. A system for verifying the status of an electronic certificate having a serial number comprising:
- a computer readable medium;
- a set of certificate revocation records, derived from a certificate authority, contained in said computer readable medium; and
- a set of computer readable instructions embodied in said computer readable medium for receiving a certificate status request for the electronic certificate from a requesting party, querying said set of certificate revocation records having revocation information representing the status of the electronic certificate embodied in said computer readable medium according to said certificate status request, and, transmitting said revocation information to the requesting party if said certificate revocation record is successfully retrieved from said set of certificate revocation records so that said requesting party can be informed of the status of the electronic certificate.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A system for verifying the status of an electronic certificate comprising:
- a computer readable medium; and
- a set of computer readable instructions embodied within said computer readable medium for receiving a certificate revocation list from a certificate authority, creating a set of certificate revocation records, each having revocation information representing revoked electronic certificates, according to said certificate revocation list, organizing said set of certificate revocation records by DNS zone, and, making available said set of certificate revocation records to requesting parties so that the requesting party can determine the status of a particular electronic certificate organized by DNS zone.

Dependent claims: 10, 11, 12, 13, 14.

15. A system for verifying the status of an electronic certificate comprising:
- a computer readable medium; and
- a set of computer readable instructions contained within said computer readable medium for: creating a certificate status request having certificate authority information, querying a DNS responder for a DNS responder list representing DNS responders having a set of certificate revocation records according to said certificate authority information, receiving said DNS responder list, querying each DNS responder according to said certificate status request until a termination event is encountered, receiving certificate revocation information from said certificate revocation record from said queried DNS responders if said certificate revocation record is discovered, and, providing certificate revocation information according to said requesting party if said certificate revocation record is discovered so that the requesting party is provided the status of the certificate according to said certificate revocation request.

Dependent claims: 16, 17, 18, 19, 20, 21.
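The flow described in the abstract and in claims 9 and 15, as an added example that is not part of the patent text: revocation records are grouped by DNS zone, and a client queries each listed responder until a termination event. The record fields, the per-entry zone tags, the responder names, the in-memory `Responder` class (standing in for real DNS queries) and the choice of termination events are assumptions; the sample CRL is constructed.

```python
# Added illustration: record layout, zone tags and responder names are assumptions.
from collections import namedtuple

RevocationRecord = namedtuple("RevocationRecord", "serial revoked_on reason")

# Constructed CRL entries: (DNS zone, certificate serial, revocation date, reason).
SAMPLE_CRL = [
    ("example.com", "0A1B", "2024-01-10", "keyCompromise"),
    ("example.com", "0A1C", "2024-02-02", "superseded"),
    ("example.org", "7F00", "2024-03-15", "cessationOfOperation"),
]

def organize_by_zone(crl):
    """Build revocation records from CRL entries, grouped by DNS zone."""
    zones = {}
    for zone, serial, revoked_on, reason in crl:
        zones.setdefault(zone, {})[serial] = RevocationRecord(serial, revoked_on, reason)
    return zones

class Responder:
    """In-memory stand-in for a DNS responder serving some zones' records."""
    def __init__(self, name, zones, up=True):
        self.name, self.zones, self.up = name, zones, up

    def query(self, zone, serial):
        if not self.up or zone not in self.zones:
            raise LookupError(f"{self.name}: no answer for {zone}")
        return self.zones[zone].get(serial)  # None means "no record in this zone"

def check_status(responders, zone, serial):
    """Query each listed responder until a termination event (assumed here to be
    a record found or the list exhausted). Returns (status, record)."""
    answered = False
    for responder in responders:
        try:
            record = responder.query(zone, serial)
        except LookupError:
            continue  # unreachable or not serving this zone: try the next one
        answered = True
        if record is not None:
            return "revoked", record
    # No answer at all is reported as "unknown", never as "not revoked".
    return ("not-listed" if answered else "unknown"), None
```

A relying party that treats `unknown` the same as `not-listed` fails open whenever every responder for the zone is unreachable, so the two outcomes are kept distinct.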
Specification