E-mail system and method having certified opt-in capabilities

US 20080141026A1
Filed: 12/11/2006
Published: 06/12/2008
Est. Priority Date: 12/11/2006
Status: Active Grant

First Claim

Patent Images

1. A method of processing an email generated by an emailer and intended for a recipient, said emailer maintaining an opt-in email list, the method comprising:

receiving said email, said email including an information portion and an authentication portion, said authentication portion being generated from said information portion using a first key associated with said recipient and said opt-in email list in a manner that causes said authentication portion to be securely cryptographically linked to said information portion;

obtaining a certificate generated by a trusted third party, said certificate being generated by said trusted third party in response to said recipient opting-in to said opt-in email list, said certificate including a certificate key associated with said recipient and said opt-in email list;

determining whether said certificate can be verified;

determining whether said authentication portion can be verified using said certificate key; and

providing said email to said recipient if said certificate and said authentication portion are successfully verified.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An opt-in email system in which a recipient that has opted in to an email list can recognize and trust that an email has actually come from a desired sender. When a recipient desires to opt-in to an e-mail list, the recipient is sent to a trusted third party certification service that generates a certificate associated with a key pair. A key is maintained at the sender'"'"'s location by a secure cryptographic device that can verify the certificate and create a signature, using a key of the key pair, for messages intended for the recipient. When a message intended for the recipient is received from the sender, the signature will be verified based on the status of the certificate and the corresponding key of the key pair. If the signature does not verify, it indicates that the recipient has not opted-in to receive emails from this sender.

44 Citations

View as Search Results

28 Claims

1. A method of processing an email generated by an emailer and intended for a recipient, said emailer maintaining an opt-in email list, the method comprising:
- receiving said email, said email including an information portion and an authentication portion, said authentication portion being generated from said information portion using a first key associated with said recipient and said opt-in email list in a manner that causes said authentication portion to be securely cryptographically linked to said information portion;
  
  obtaining a certificate generated by a trusted third party, said certificate being generated by said trusted third party in response to said recipient opting-in to said opt-in email list, said certificate including a certificate key associated with said recipient and said opt-in email list;
  
  determining whether said certificate can be verified;
  
  determining whether said authentication portion can be verified using said certificate key; and
  
  providing said email to said recipient if said certificate and said authentication portion are successfully verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein said first key is a private key and said certificate key is a public key, said private key and said public key together forming a public key/private key pair.
  - 3. The method according to claim 2, wherein said first key and said certificate key are generated by said trusted third party in response to said recipient opting-in to said opt-in email list.
  - 4. The method according to claim 1, wherein said first key and said certificate key are a secret key.
  - 5. The method according to claim 4, wherein said secret key is generated by said trusted third party in response to said recipient opting-in to said opt-in email list.
  - 6. The method according to claim 4, wherein said secret key is a password generated by said recipient while opting-in to said opt-in email list.
  - 7. The method according to claim 1, wherein said certificate expires after a specified time period, wherein said step of determining whether said certificate can be verified comprises determining whether said certificate has expired, and wherein said certificate cannot be successfully verified if it is determined that said certificate has expired.
  - 8. The method according to claim 7, further comprising periodically receiving reissued certificates from said trusted third party for so long as said recipient has not instructed said trusted third party of a desire to opt-out of said opt-in email list, wherein each of said reissued certificates expires after a specified time period, wherein said step of obtaining said certificate comprises obtaining a most recently received one of said reissued certificates, said certificate being said most recently received one of said reissued certificates.
  - 9. The method according to claim 1, wherein said trusted third party maintains a list of revoked certificates, wherein said certificate will be placed on said list of revoked certificates if said recipient instructs said trusted third party of a desire to opt-out of said opt-in email list, wherein said step of determining whether said certificate can be verified comprises determining whether said certificate is on said list, and wherein said certificate cannot be successfully verified if it is determined that said certificate is on said list.

10. A method of adding a recipient to an opt-in email list maintained by an emailer and generating an email intended for said recipient, the method comprising:
- receiving a request from said recipient to be added to said opt-in email list;
  
  directing said recipient to a trusted third party, wherein said trusted third party generates a certificate in response thereto, said certificate including a certificate key associated with said recipient and said opt-in email list;
  
  generating said email, said email including an information portion and an authentication portion, said authentication portion being generated by a secure cryptographic device from said information portion using a first key associated with said recipient and said opt-in email list in a manner that causes said authentication portion to be securely cryptographically linked to said information portion, said first key being stored by said secure cryptographic device; and
  
  sending said email to said recipient;
  
  wherein said certificate is provided by said trusted third party to at least one of an email service provider of said recipient and an email application of said recipient, and wherein said email is provided to said recipient by either of said email service provider and said email application of said recipient only if said either of said email service provider and said email application is able to successfully verify said certificate and successfully verify said authentication portion using said certificate key.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method according to claim 10, wherein said first key is a private key and said certificate key is a public key, said private key and said public key together forming a public key/private key pair.
  - 12. The method according to claim 11, wherein said first key and said certificate key are generated by said trusted third party after said directing step.
  - 13. The method according to claim 11, wherein said directing step further comprises providing said first key and said certificate key to said trusted third party.
  - 14. The method according to claim 10, wherein said first key and said certificate key are a secret key.
  - 15. The method according to claim 14, wherein said secret key is generated by said trusted third party after said directing step.
  - 16. The method according to claim 14, wherein said directing step further comprises providing said secret key to said trusted third party.
  - 17. The method according to claim 10, wherein said certificate expires after a specified time period, wherein said either of said email service provider and said email application determines whether said certificate can be verified by determining whether said certificate has expired, and wherein said certificate cannot be successfully verified if it is determined that said certificate has expired.
  - 18. The method according to claim 10, wherein said trusted third party maintains a list of revoked certificates, wherein said certificate will be placed on said list of revoked certificates if said recipient instructs said trusted third party of a desire to opt-out of said opt-in email list, wherein said either of said email service provider and said email application determines whether said certificate can be verified by determining whether said certificate is on said list, and wherein said certificate cannot be successfully verified if it is determined that said certificate is on said list.

19. A method of adding a recipient to an opt-in email list maintained by an emailer and generating an email intended for said recipient, the method comprising:
- receiving a request from said recipient to be added to said opt-in email list;
  
  directing said recipient to a trusted third party, wherein said trusted third party generates a certificate in response thereto, said certificate including a certificate key associated with said recipient and said opt-in email list;
  
  obtaining said certificate and determining whether said certificate can be verified;
  
  generating said email if said certificate can be verified, said email including an information portion and an authentication portion, said authentication portion being generated by a secure cryptographic device from said information portion using a first key associated with said recipient and said opt-in email list in a manner that causes said authentication portion to be securely cryptographically linked to said information portion, said first key being stored by said secure cryptographic device; and
  
  sending said email to said recipient;
  
  wherein said email is provided to said recipient by either of an email service provider of said recipient or an email application of said recipient only if said either of said email service provider and said email application is able to successfully verify said authentication portion using said certificate key.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 20. The method according to claim 19, wherein said first key is a private key and said certificate key is a public key, said private key and said public key together forming a public key/private key pair.
  - 21. The method according to claim 20, wherein said first key and said certificate key are generated by said trusted third party after said directing step and wherein said first key is provided to said secure cryptographic device by said trusted third party.
  - 22. The method according to claim 19, wherein said first key and said certificate key are a secret key.
  - 23. The method according to claim 22, wherein said secret key is generated by said trusted third party after said directing step.
  - 24. The method according to claim 22, wherein said directing step further comprises providing said secret key to said trusted third party.
  - 25. The method according to claim 19, wherein said directing step further comprises providing said first key and said certificate key to said trusted third party.
  - 26. The method according to claim 19, wherein said certificate expires after a specified time period, wherein said step of determining whether said certificate can be verified comprises determining whether said certificate has expired, and wherein said certificate cannot be successfully verified if it is determined that said certificate has expired.
  - 27. The method according to claim 26, further comprising periodically receiving reissued certificates from said trusted third party for so long as said recipient has not instructed said trusted third party of a desire to opt-out of said opt-in email list, wherein each of said reissued certificates expires after a specified time period, wherein said step of obtaining said certificate comprises obtaining a most recently received one of said reissued certificates, said certificate being said most recently received one of said reissued certificates.
  - 28. The method according to claim 19, wherein said trusted third party maintains a list of revoked certificates, wherein said certificate will be placed on said list of revoked certificates if said recipient instructs said trusted third party of a desire to opt-out of said opt-in email list, wherein said step of determining whether said certificate can be verified comprises determining whether said certificate is on said list, and wherein said certificate cannot be successfully verified if it is determined that said certificate is on said list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Original Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Inventors
Cordery, Robert A., Braun, John F., Sansone, Ronald P.

Granted Patent

US 7,971,061 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 51/212   using filtering or selectiv...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

E-mail system and method having certified opt-in capabilities

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

44 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

E-mail system and method having certified opt-in capabilities

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links