Method and service for the authentication of a public key certificate by means of quality characteristics
1 Assignment
0 Petitions
Accused Products
Abstract
A method, system, and service of authenticating a public key certificate for a relying party (RP). A Certificate Authority (CA), who issued the certificate, is a member of a Public Key Infrastructure (PKI) having a Certificate Policy (CP). First quality levels required of the CA by the RP are accessed by a certificate classification service (CCS) and corresponding second quality levels possessed by the CA are ascertained by the CCS. At least one quality characteristic pertaining to the second quality levels relates to at least one element of the CP. The ascertained second quality levels are compared by the CCS with the corresponding accessed first quality levels. A result of the comparing, communicated by the CCS to the RP, is that the certificate is authenticated if the comparing has determined that each first quality level is not less than each corresponding second quality level.
-
Citations
38 Claims
-
1-13. -13. (canceled)
-
14. A method for authentication of a public key certificate as a service to a relying party (RP) in response to a request for said authentication by the RP who desires to determine a level of trust in a Certificate Authority (CA) that issued the certificate, said method comprising:
-
accessing a first quality level of each quality characteristic of a first set of quality characteristics required of the CA by the RP, said CA being a member of a Public Key Infrastructure (PKI) having a Certificate Policy (CP);
ascertaining a second quality level of each quality characteristic of a second set of quality characteristics possessed by the CA, each ascertained quality characteristic of the second set corresponding to an accessed quality characteristic of the first set on a one-to-one basis, at least one quality characteristic of the second set relating to at least one element of the CP;
comparing the ascertained second quality level of each quality characteristic of the second set with the accessed quality level of each corresponding quality characteristic of the first set; and
communicating a first result of said comparing to the RP, said first result being that the certificate is authenticated if said comparing has determined that each first quality level is not less than each corresponding second quality level, otherwise said first result being that the certificate is not authenticated, said accessing, ascertaining, comparing, and communicating being performed by a certificate classification service. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system for authentication of a public key certificate as a service to a relying party (RP) in response to a request for said authentication by the RP who desires to determine a level of trust in a Certificate Authority (CA) that issued the certificate, said system comprising:
-
means for accessing a first quality level of each quality characteristic of a first set of quality characteristics required of the CA by the RP, said CA being a member of a Public Key Infrastructure (PKI) having a Certificate Policy (CP);
means for ascertaining a second quality level of each quality characteristic of a second set of quality characteristics possessed by the CA, each ascertained quality characteristic of the second set corresponding to an accessed quality characteristic of the first set on a one-to-one basis, at least one quality characteristic of the second set relating to at least one element of the CP;
means for comparing the ascertained second quality level of each quality characteristic of the second set with the accessed quality level of each corresponding quality characteristic of the first set; and
means for communicating a first result of said comparing to the RP, said first result being that the certificate is authenticated if said comparing has determined that each first quality level is not less than each corresponding second quality level, otherwise said first result being that the certificate is not authenticated, said accessing, ascertaining, comparing, and communicating being performed by a certificate classification service. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A computer program product, comprising software code loadable into an internal memory of a digital computer, said software code when executed on the computer performs a method for authentication of a public key certificate as a service to a relying party (RP) in response to a request for said authentication by the RP who desires to determine a level of trust in a Certificate Authority (CA) that issued the certificate, said method comprising:
-
accessing a first quality level of each quality characteristic of a first set of quality characteristics required of the CA by the RP, said CA being a member of a Public Key Infrastructure (PKI) having a Certificate Policy (CP);
ascertaining a second quality level of each quality characteristic of a second set of quality characteristics possessed by the CA, each ascertained quality characteristic of the second set corresponding to an accessed quality characteristic of the first set on a one-to-one basis, at least one quality characteristic of the second set relating to at least one element of the CP;
comparing the ascertained second quality level of each quality characteristic of the second set with the accessed quality level of each corresponding quality characteristic of the first set; and
communicating a first result of said comparing to the RP, said first result being that the certificate is authenticated if said comparing has determined that each first quality level is not less than each corresponding second quality level, otherwise said first result being that the certificate is not authenticated, said accessing, ascertaining, comparing, and communicating being performed by a certificate classification service. - View Dependent Claims (34, 35, 36, 37, 38)
-
Specification