Method and apparatus for processing digitally signed messages to determine address mismatches
First Claim
1. A method of processing signed messages received at a computing device, the method comprising the steps of:
- a) receiving a message comprising a header identifying at least a sender address, at least one portion of signed data, a digital signature corresponding to each portion of signed data, and at least one message separator;
b) determining whether a first message separator appears within a portion of signed data;
c) if the first message separator does not appear within a portion of signed data, performing at least one pre-determined action for each of the digital signatures in the message that appears after the first message separator; and
d) if the first message separator appears within a portion of signed data, verifying that the sender address matches the address associated with a key used to generate the one digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, and performing at least one pre-determined action for each of the other digital signatures in the message that appears after the first message separator.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for processing digitally signed messages in which address mismatch errors are detected. In at least one aspect, the number of address mismatch errors reported to a user for a message may be minimized for messages that properly incorporate message portions signed by someone other than the sender of the message, as may be the case where the message contains a conversation thread for example, by performing at least one predetermined action for digital signatures corresponding to signed data appearing after a message separator. The message separator may indicate that the message contains data from an older forwarded message or from an older message that has been replied to, for example. The at least one-predetermined action may comprise bypassing verification of address matches for those digital signatures, or verifying address matches for those digital signatures but suppressing user notification of any address mismatch errors, for example.
51 Citations
26 Claims
-
1. A method of processing signed messages received at a computing device, the method comprising the steps of:
-
a) receiving a message comprising a header identifying at least a sender address, at least one portion of signed data, a digital signature corresponding to each portion of signed data, and at least one message separator;
b) determining whether a first message separator appears within a portion of signed data;
c) if the first message separator does not appear within a portion of signed data, performing at least one pre-determined action for each of the digital signatures in the message that appears after the first message separator; and
d) if the first message separator appears within a portion of signed data, verifying that the sender address matches the address associated with a key used to generate the one digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, and performing at least one pre-determined action for each of the other digital signatures in the message that appears after the first message separator. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
Specification