Distributed delegated path discovery and validation
Abstract
Providing path validation information for a system includes determining paths between a subset of certificates of the system and at least one trust root, storing each of the paths in a table prior to a request for path validation information, and fetching the validation information stored in the table in response to a request for path validation information. Providing path validation information may also include digitally signing the validation information. Providing path validation information may also include applying constraints to the validation information and only providing validation information that is consistent with the constraints. Determining paths may include constructing a directed graph of trusted roots and the subset of certificates and performing a depth-first acyclic search of the graph.
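The sketch below is an added example, not code from the patent or its assignee. It illustrates the precompute-then-fetch idea from the abstract: a directed issuer-to-subject graph, a depth-first acyclic search from each trust root, and a table read at request time. Certificates are modeled as constructed (issuer, subject) name pairs; signature checks, constraints and revocation are assumed to be handled elsewhere.

```python
from collections import defaultdict

# Constructed sample data: one (issuer, subject) pair per certificate.
# CA1 and CA2 cross-certify each other, which creates a cycle in the graph.
CERTS = [
    ("RootA", "CA1"),
    ("RootA", "CA2"),
    ("CA1", "CA2"),
    ("CA2", "CA1"),
    ("CA1", "alice"),
    ("CA2", "bob"),
    ("Rogue", "mallory"),  # issuer has no chain to any trust root
]
TRUST_ROOTS = {"RootA"}


def build_graph(certs):
    """Directed graph with an edge issuer -> subject for every certificate."""
    graph = defaultdict(list)
    for issuer, subject in certs:
        graph[issuer].append(subject)
    return graph


def build_path_table(certs, trust_roots):
    """Precompute every acyclic path from a trust root to each subject."""
    graph = build_graph(certs)
    table = defaultdict(list)

    def dfs(node, path):
        for nxt in graph.get(node, ()):
            if nxt in path:  # node already on this path: skip to stay acyclic
                continue
            new_path = path + [nxt]
            table[nxt].append(new_path)
            dfs(nxt, new_path)

    for root in sorted(trust_roots):
        dfs(root, [root])
    return dict(table)


def fetch_paths(table, subject):
    """Request-time lookup: a table read, with no graph traversal."""
    return table.get(subject, [])


# Built once, before any request for path validation information arrives.
PATH_TABLE = build_path_table(CERTS, TRUST_ROOTS)
```

An empty result for a subject means no path to a trust root was found at build time, so the table must be rebuilt whenever certificates are added or withdrawn.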
54 Claims
1. A method of providing path validation information for a system, comprising:
- determining paths between a subset of certificates of the system and at least one trust root;
- storing each of the paths in a table prior to a request for path validation information; and
- fetching the validation information stored in the table in response to a request for path validation information.
Dependent claims: 2 through 18.

19. A computer program product that provides path validation information for a system, comprising:
- a storage medium that contains executable code for the computer program product;
- executable code that determines paths between a subset of certificates of the system and at least one trust root;
- executable code that stores each of the paths in a table prior to a request for path validation information; and
- executable code that fetches the validation information stored in the table in response to a request for path validation information.
Dependent claims: 20 through 36.

37. A server, comprising:
- a processor;
- internal storage coupled to the processor;
- executable code, provided on the internal storage, that determines paths between a subset of certificates of the system and at least one trust root;
- executable code, provided on the internal storage, that stores each of the paths in a table prior to a request for path validation information; and
- executable code, provided on the internal storage, that fetches the validation information stored in the table in response to a request for path validation information.
Dependent claims: 38 through 54.
Specification