Method and system for performing on-line status checking of digital certificates
Abstract
A method and system for performing on-line status checking of digital certificates. Specifically, the present invention describes a communication system having a client and a server coupled together. The client requests information from the server. A secure communication session is established between the client and the server for checking the revocation status of a digital certificate associated with the information. As such, further authentication of communication about the certificate status between the client and the server is unnecessary. A status request pertaining to the digital certificate is sent by the client to the server. The server checks the revocation status of the digital certificate against a current digitally signed certificate revocation list. The server notifies the client as to the revocation status of the digital certificate prior to any transmission of information.
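The flow in the abstract, applied to the software-patch case of claims 11 and 31, as an added Python sketch that is not code from the patent. Assumptions: an HMAC with a constructed key stands in for the CRL's digital signature, the secure session is treated as already established, a CRL that fails verification or is not current yields "unknown", and all names (`PatchServer`, `poll_for_patch`, the serial numbers) are hypothetical.

```python
import hashlib
import hmac
import json

# Assumption: HMAC-SHA256 with a constructed key stands in for the CRL
# issuer's digital signature; the secure session is taken as established.
ISSUER_KEY = b"constructed-demo-key"

def sign_crl(revoked, this_update, next_update):
    body = json.dumps({"revoked": sorted(revoked), "this_update": this_update,
                       "next_update": next_update}).encode()
    return {"body": body, "sig": hmac.new(ISSUER_KEY, body, hashlib.sha256).digest()}

class PatchServer:
    def __init__(self, crl, patches):
        self.crl, self.patches = crl, patches
        self.cleared = set()  # serials reported "good" in this session

    def status_request(self, serial, now):
        """Check the serial against the signed CRL and return the reply."""
        want = hmac.new(ISSUER_KEY, self.crl["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(want, self.crl["sig"]):
            return "unknown"  # CRL signature does not verify
        crl = json.loads(self.crl["body"])
        if not crl["this_update"] <= now < crl["next_update"]:
            return "unknown"  # CRL is not current (assumed fail-closed policy)
        if serial in crl["revoked"]:
            return "revoked"
        self.cleared.add(serial)
        return "good"

    def fetch_patch(self, serial):
        """Release the patch only after a "good" status reply for its certificate."""
        if serial not in self.cleared:
            raise PermissionError("no good status reply precedes this transfer")
        return self.patches[serial]

def poll_for_patch(server, serial, now):
    """Client side: send the status request first, fetch only on "good"."""
    status = server.status_request(serial, now)
    patch = server.fetch_patch(serial) if status == "good" else None
    return status, patch

# Constructed sample data: serial 1002 is revoked; CRL valid for t in [100, 200).
DEMO_CRL = sign_crl([1002], this_update=100, next_update=200)
DEMO_PATCHES = {1001: b"patch-A", 1002: b"patch-B"}
```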
40 Claims
1. A communication system comprising:
a communication network;
a server coupled to said communication network for determining a revocation status of a digital certificate in response to a status request;
a client coupled to said server through said communication network for transmitting said status request to said server, wherein a reply from said server to said client notifies said client of said revocation status; and
an on-line secure communication session over said communication network between said client and said server for securely transferring said reply automatically.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A communication system comprising:
a communication network;
a server coupled to said communication network for determining a revocation status of a digital certificate in response to a status request associated with a poll for a software patch authenticated by said digital certificate;
a client coupled to said server through said communication network for initiating said poll and transmitting said status request to said server, wherein a reply from said server to said client notifies said client of said revocation status; and
an on-line secure communication session over said communication network between said client and said server for securely transmitting said reply automatically.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19

20. A method of validating a digital authentication comprising:
a) establishing a secure on-line communication session between a client and a server, wherein said client authenticates said server and requests status information of a digital certificate from said server over said secure communication session;
b) determining a revocation status of said digital certificate at said server in response to a status request from said client; and
c) notifying said client of said revocation status by securely transferring said revocation status to said client.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29, 30

31. A method of validating a digital authentication comprising:
a) establishing a secure on-line communication session with a client for the transfer of a software patch to said client in response to a polling request for said software patch that is authenticated by a digital certificate;
b) determining a revocation status of said digital certificate in response to a status request from said client; and
c) notifying said client of said revocation status of said digital certificate prior to any transfer of said software patch to said client over said secure communication session.
Dependent claims: 32, 33, 34, 35, 36, 37, 38, 39, 40

Specification