Secure Network Location Awareness
Abstract
Secure network location awareness is provided whereby a client is able to use appropriate settings when communicating with an access node of a communications network. In an embodiment a client receives a signed message from the access node, the signed message comprising at least a certificate chain having a public key. In some embodiments the certificate chain may be only a self-signed certificate and in other embodiments the certificate chain is two or more certificates in length. The client validates the certificate chain and verifies the signature of the signed message. If this is successful the client accesses stored settings for use with the access node. The stored settings are accessed at least using information about the public key. In another embodiment the signed message also comprises a location identifier which is, for example, a domain name system (DNS) suffix of the access node.
20 Claims
1. A method at a client comprising:
- receiving a signed message from an access node of a communications network, the signed message comprising at least a freshness indicator, a signature and a public key;
- validating the freshness indicator;
- verifying the signature of the signed message using the public key; and
- if the validation and the verification processes are successful, accessing stored settings for use with the network, that access being made on the basis of information at least about the public key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method at an access node of a communications network comprising:
- receiving a request from a client requiring a response from the access node;
- sending a signed message to the client, the signed message comprising at least a freshness indicator, location identifier, signature and a certificate chain comprising one or more certificates, the certificate chain having a public key;
- wherein the sending is arranged such that the message can be received only in a specified region of the communications network; and
- wherein the public key is suitable for verifying the signature and the location identifier matches a name in the certificate chain.
Dependent claims: 14, 15
16. A method at a client comprising:
- authenticating a communications network;
- determining a network identifier by computing a cryptographic hash function of data comprising at least a public key of the communications network; and
- accessing stored settings for use with the network, that access being made on the basis of the network identifier.
Dependent claims: 17, 18, 19, 20
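The client-side flow of claims 1 and 16, with the access node's signed reply, as an added Go illustration that is not code from the patent. Assumptions: Ed25519 as the signature scheme, a client-chosen nonce as the freshness indicator, SHA-256 of the raw public key as the network identifier; the `SignedMessage` layout, function names and settings strings are hypothetical, and certificate chain validation is left out.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// SignedMessage is a hypothetical layout; the claims name the fields, not an encoding.
type SignedMessage struct {
	Nonce, Signature []byte // freshness indicator (echoed client nonce) and signature over it
	PublicKey        ed25519.PublicKey
}

// Respond is the access node side: sign the client's nonce with the node key.
func Respond(priv ed25519.PrivateKey, nonce []byte) SignedMessage {
	return SignedMessage{Nonce: nonce, Signature: ed25519.Sign(priv, nonce), PublicKey: priv.Public().(ed25519.PublicKey)}
}

// NetworkID is the settings lookup key: SHA-256 of the public key, hex encoded (assumed choice).
func NetworkID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// SelectSettings releases stored settings only for a fresh, correctly signed message.
func SelectSettings(m SignedMessage, sent []byte, store map[string]string) (string, error) {
	if len(sent) == 0 || !bytes.Equal(m.Nonce, sent) {
		return "", errors.New("freshness check failed: possible replay")
	}
	if len(m.PublicKey) != ed25519.PublicKeySize || !ed25519.Verify(m.PublicKey, m.Nonce, m.Signature) {
		return "", errors.New("signature check failed")
	}
	settings, ok := store[NetworkID(m.PublicKey)]
	if !ok {
		return "", errors.New("no stored settings for this key")
	}
	return settings, nil
}

func main() {
	_, priv, _ := ed25519.GenerateKey(nil) // constructed node key for the demo
	nonce := []byte("constructed-nonce-1")
	msg := Respond(priv, nonce)
	store := map[string]string{NetworkID(msg.PublicKey): "profile=corp"} // constructed settings
	fmt.Println(SelectSettings(msg, nonce, store))
}
```

Because the lookup key is derived from the public key, a node that answers with a different key maps to a different identifier and receives none of the settings stored for the known network.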