Method and system for verifying identification of an electronic mail message

US 20060031315A1
Filed: 06/01/2004
Published: 02/09/2006
Est. Priority Date: 06/01/2004
Status: Active Grant

First Claim

Patent Images

1. A method for verifying identification of an electronic mail message, said method comprising:

receiving an electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature; and

accessing a key registration server of said domain to verify authorization of said key identifier.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for verifying identification of an electronic mail message. An electronic mail message including a signature and a key is received, the signature identifying a domain from which the electronic mail message originated and the key for verifying the signature. A key registration server of the domain is accessed to verify the key. The key registration server provides for verifying that a key used to sign an electronic mail message is valid and that the sender is authorized by the domain to send the electronic mail message from the return address.

111 Citations

View as Search Results

74 Claims

1. A method for verifying identification of an electronic mail message, said method comprising:
- receiving an electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature; and
  
  accessing a key registration server of said domain to verify authorization of said key identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method as recited in claim 1 further comprising performing a domain name system (DNS) lookup to locate said key registration server.
  - 3. The method as recited in claim 1 further comprising receiving a key from said key registration server based on said key identifier;
    - and in response to said receiving said key, verifying said authorization of said key.
  - 4. The method as recited in claim 1 wherein said key identifier is a key.
  - 5. The method as recited in claim 4 further comprising:
    - receiving a value from said key registration server indicating a trust level of said key according to said domain; and
      
      verifying said authorization of said key based on said value.
  - 6. The method as recited in claim 5 wherein said value is based on a key fingerprint of said key.
  - 7. The method as recited in claim 1 further comprising accessing a rating service to determine a security rating associated with said electronic mail message.
  - 8. The method as recited in claim 7, wherein said security rating is associated with a sender of said electronic mail message.
  - 9. The method as recited in claim 7, wherein said security rating is associated with said domain.
  - 10. The method as recited in claim 1 further comprising verifying said signature based on said key.
  - 11. The method as recited in claim 1 further comprising verifying said identification of said electronic mail message based on said signature and said key.
  - 12. The method as recited in claim 7 further comprising verifying said identification of said electronic mail message based on said signature, said key and said security rating.

13. A system for verifying identification of an electronic mail message, said system comprising:
- a mail signer for transmitting an electronic mail message, said electronic mail message comprising a signature and a key identifier, said key identifier for verifying said signature;
  
  a key registration server for registering a key; and
  
  a mail verifier for receiving said electronic mail message, for verifying said signature based on said key identifier, and for accessing said key registration server to verify authorization of said key identifier.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 14. The system as recited in claim 13 wherein said mail signer is a mail transfer agent.
  - 15. The system as recited in claim 13 wherein said mail signer is a mail user agent.
  - 16. The system as recited in claim 13 wherein said mail verifier is a mail transfer agent.
  - 17. The system as recited in claim 13 wherein said mail verifier is a mail user agent.
  - 18. The system as recited in claim 13 wherein said mail verifier is also for performing a domain name system (DNS) lookup to locate said key registration server.
  - 19. The system as recited in claim 13 wherein said mail verifier is also for receiving said key from said key registration server based on said key identifier, and verifying said authorization of said key in response to said receiving said key.
  - 20. The system as recited in claim 13 wherein said key identifier is a key.
  - 21. The system as recited in claim 20 wherein said key registration server is also for determining a value indicating a trust level of said key according to said domain.
  - 22. The system as recited in claim 21 wherein said value is based on a key fingerprint of said key.
  - 23. The system as recited in claim 13 further comprising a rating service for determining a security rating associated with said electronic mail message.
  - 24. The system as recited in claim 23, wherein said security rating is associated with a sender of said electronic mail message.
  - 25. The system as recited in claim 23, wherein said security rating is associated with said domain.
  - 26. The system as recited in claim 13 wherein said mail verifier is also for verifying said signature based on said key.
  - 27. The system as recited in claim 13 wherein said mail verifier is also for verifying said identification of said electronic mail message based on said signature and said key.
  - 28. The system as recited in claim 23 wherein said mail verifier is also for verifying said identification of said electronic mail message based on said signature, said key and said security rating.

29. An electronic device comprising:
- a bus;
  
  a computer-readable memory coupled to said bus; and
  
  a processor coupled to said bus, said processor for executing a method for verifying identification of an electronic mail message, said method comprising;
  
  receiving an electronic mail message comprising a signature and a key, said signature identifying a domain from which said electronic mail message originated and said key for verifying said signature; and
  
  accessing a key registration server of said domain to verify authorization of said key.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 30. The electronic device as recited in claim 29 wherein said method further comprises performing a domain name system (DNS) lookup to locate said key registration server.
  - 31. The electronic device as recited in claim 29 wherein said method further comprises:
    - receiving a value from said key registration server indicating a trust level of said key according to said domain; and
      
      verifying said authorization of said key based on said value.
  - 32. The electronic device as recited in claim 31 wherein said value is based on a key fingerprint of said key.
  - 33. The electronic device as recited in claim 29 wherein said method further comprises accessing a rating service to determine a security rating associated with said electronic mail message.
  - 34. The electronic device as recited in claim 33, wherein said security rating is associated with a sender of said electronic mail message.
  - 35. The electronic device as recited in claim 33, wherein said security rating is associated with said domain.
  - 36. The electronic device as recited in claim 29 wherein said method further comprises verifying said signature based on said key.
  - 37. The electronic device as recited in claim 29 wherein said method further comprises verifying said identification of said electronic mail message based on said signature and said key.
  - 38. The electronic device as recited in claim 33 wherein said method further comprises verifying said identification of said electronic mail message based on said signature, said key and said security rating.

39. A system for verifying identification of an electronic mail message, said system comprising:
- means for transmitting an electronic mail message, said electronic mail message comprising a signature and a key, said key for verifying said signature;
  
  means for registering said key; and
  
  means for receiving said electronic mail message and operable to verify said signature based on said key and operable to access said means for registering said key to verify authorization of said key.
- View Dependent Claims (40, 41, 42)
- - 40. The system as recited in claim 39 wherein said means for receiving said electronic mail message is also operable to perform a domain name system (DNS) lookup to locate said means for registering said key.
  - 41. The system as recited in claim 39 wherein said means for registering said key is also operable to determine a value indicating a trust level of said key according to said domain.
  - 42. The system as recited in claim 39 further comprising a means for determining a security rating associated with said electronic mail message.

43. A method for verifying authorization of a key, said method comprising:
- receiving an authorization verification request for verifying said authorization of said key, wherein said key is associated with an electronic mail message originating from a domain;
  
  determining a value indicating a trust level of said key according to said domain; and
  
  transmitting a response comprising said value.
- View Dependent Claims (44, 45, 46, 47)
- - 44. The method as recited in claim 43 wherein said authorization verification request comprises said key.
  - 45. The method as recited in claim 43 wherein said authorization verification request comprises a key fingerprint associated with said key.
  - 46. The method as recited in claim 43 wherein said authorization verification request comprises a request for said key.
  - 47. The method as recited in claim 43 wherein said response comprises a time to live of said authorization.

48. A computer-usable medium having computer-readable program code embodied therein for causing a computer system to perform a method for verifying authorization of a key, said method comprising:
- receiving an authorization verification request for verifying said authorization of said key, wherein said key is associated with an electronic mail message originating from a domain;
  
  determining a value indicating a trust level of said key according to said domain; and
  
  transmitting a response comprising said value.
- View Dependent Claims (49, 50, 51, 52)
- - 49. The computer-usable medium as recited in claim 48 wherein said authorization verification request comprises said key.
  - 50. The computer-usable medium as recited in claim 48 wherein said authorization verification request comprises a key fingerprint associated with said key.
  - 51. The computer-usable medium as recited in claim 48 wherein said authorization verification request comprises a request for said key.
  - 52. The computer-usable medium as recited in claim 48 wherein said response comprises a time to live of said authorization.

53. An electronic device comprising:
- a bus;
  
  a computer-readable memory coupled to said bus; and
  
  a processor coupled to said bus, said processor for executing a method for verifying authorization of a key, said method comprising;
  
  receiving an authorization verification request for verifying said authorization of said key, wherein said key is associated with an electronic mail message originating from a domain;
  
  determining a value indicating a trust level of said key according to said domain; and
  
  transmitting a response comprising said value.
- View Dependent Claims (54, 55, 56, 57)
- - 54. The electronic device as recited in claim 53 wherein said authorization verification request comprises said key.
  - 55. The electronic device as recited in claim 53 wherein said authorization verification request comprises a key fingerprint associated with said key.
  - 56. The electronic device as recited in claim 53 wherein said authorization verification request comprises a request for said key.
  - 57. The electronic device as recited in claim 53 wherein said response comprises a time to live of said authorization.

58. A system for verifying authorization of a key, said system comprising:
- means for receiving an authorization verification request for verifying said authorization of said key, wherein said key is associated with an electronic mail message originating from a domain;
  
  means for determining a value indicating a trust level of said key according to said domain; and
  
  means for transmitting a response comprising said value.
- View Dependent Claims (59, 60, 61, 62)
- - 59. The system as recited in claim 58 wherein said authorization verification request comprises said key.
  - 60. The system as recited in claim 58 wherein said authorization verification request comprises a key fingerprint associated with said key.
  - 61. The system as recited in claim 58 wherein said authorization verification request comprises a request for said key.
  - 62. The system as recited in claim 58 wherein said response comprises a time to live of said authorization.

63. A method for determining a security rating, said method comprising:
- monitoring security of a domain;
  
  receiving a security rating request associated with an electronic mail message originating from a domain;
  
  determining a security rating associated with said electronic mail message; and
  
  transmitting a response comprising said security rating.
- View Dependent Claims (64, 65)
- - 64. The method as recited in claim 63 wherein said security rating is associated with a sender of said electronic mail message.
  - 65. The method as recited in claim 63 wherein said security rating is associated with said domain.

66. A computer-usable medium having computer-readable program code embodied therein for causing a computer system to perform a method for determining a security rating, said method comprising:
- monitoring security of a domain;
  
  receiving a security rating request associated with an electronic mail message originating from a domain;
  
  determining a security rating associated with said electronic mail message; and
  
  transmitting a response comprising said security rating.
- View Dependent Claims (67, 68)
- - 67. The computer-usable medium as recited in claim 66 wherein said security rating is associated with a sender of said electronic mail message.
  - 68. The computer-usable medium as recited in claim 66 wherein said security rating is associated with said domain.

69. An electronic device comprising:
- a bus;
  
  a computer-readable memory coupled to said bus; and
  
  a processor coupled to said bus, said processor for executing a method for determining a security rating, said method comprising;
  
  monitoring security of a domain;
  
  receiving a security rating request associated with an electronic mail message originating from a domain;
  
  determining a security rating associated with said electronic mail message; and
  
  transmitting a response comprising said security rating.
- View Dependent Claims (70, 71)
- - 70. The electronic device as recited in claim 69 wherein said security rating is associated with a sender of said electronic mail message.
  - 71. The electronic device as recited in claim 69 wherein said security rating is associated with said domain.

72. A system for determining a security rating, said system comprising:
- means for monitoring security of a domain;
  
  means for receiving a security rating request associated with an electronic mail message originating from a domain;
  
  means for determining a security rating associated with said electronic mail message; and
  
  means for transmitting a response comprising said security rating.
- View Dependent Claims (73, 74)
- - 73. The system as recited in claim 72 wherein said security rating is associated with a sender of said electronic mail message.
  - 74. The system as recited in claim 72 wherein said security rating is associated with said domain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Thomas, Michael A., Baker, Frederick J., Fenton, James L.

Granted Patent

US 7,437,558 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/206
CPC Class Codes

H04L 51/212 using filtering or selectiv...

Method and system for verifying identification of an electronic mail message

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

111 Citations

74 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for verifying identification of an electronic mail message

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

111 Citations

74 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links