Revoking Malware in a Computing Device
Abstract
A computing device is operated in a manner which provides improved checking to determine whether or not an authentication certificate for a software application being loaded onto the device has been revoked. In the case of trusted certificate chains that contain no revocation information, the device checks using an AuthorityInfoAccess extension (AIA) as selected by the device. In the case of untrusted certificate chains, notably including self-signed certificates, the device is controlled so that it ignores any authentication revocation information provided with the software application and always uses information stored on the device.
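The source-selection rule described in the abstract, as an added Python example (not code from the patent). The names, URLs and sample chains are constructed; chain resolution is modelled on subject/issuer names only, with no signature verification. Two behaviours are assumptions: the device AIA is applied per certificate, and a trusted certificate that carries its own pointer keeps it.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    aia_url: Optional[str] = None  # revocation pointer carried in the certificate

# Constructed device state; every name and URL here is hypothetical.
TRUST_STORE = {"Device Root CA"}  # trusted roots previously stored on the device
DEVICE_AIA_TRUSTED = "http://ocsp.device.example/trusted"
DEVICE_AIA_UNTRUSTED = "http://ocsp.device.example/untrusted"

def resolves_to_trusted(chain):
    """Chain is ordered leaf first; each certificate must be issued by the next."""
    if not chain:
        return False
    for child, parent in zip(chain, chain[1:]):
        if child.issuer != parent.subject:
            return False  # broken link: treat the whole chain as untrusted
    return chain[-1].issuer in TRUST_STORE

def revocation_sources(chain):
    """Return (trusted, [(subject, url), ...]): where to check each certificate."""
    if not resolves_to_trusted(chain):
        # Untrusted or self-signed: ignore every pointer shipped with the
        # package and always use the information stored on the device.
        return False, [(c.subject, DEVICE_AIA_UNTRUSTED) for c in chain]
    # Trusted chain: a certificate with no revocation information is checked
    # through the AIA selected by the device. Assumption: a certificate that
    # has its own pointer keeps it (the abstract does not cover that case).
    return True, [(c.subject, c.aia_url or DEVICE_AIA_TRUSTED) for c in chain]

# Constructed sample chains.
TRUSTED_CHAIN = [
    Cert("Vendor App", "Vendor CA"),  # no revocation info
    Cert("Vendor CA", "Device Root CA", "http://ocsp.vendor.example/"),
]
SELF_SIGNED = [Cert("Unknown App", "Unknown App", "http://ocsp.unknown.example/")]
BROKEN_CHAIN = [Cert("Vendor App", "Other CA"), TRUSTED_CHAIN[1]]

if __name__ == "__main__":
    for name, chain in [("trusted", TRUSTED_CHAIN), ("self-signed", SELF_SIGNED),
                        ("broken", BROKEN_CHAIN)]:
        print(name, revocation_sources(chain))
```

Setting `DEVICE_AIA_UNTRUSTED` equal to `DEVICE_AIA_TRUSTED` corresponds to claim 4 on this page; keeping them distinct corresponds to claim 3.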
10 Claims
- 1. A method of operating a computing device, the method comprising enabling the device to make use of one or more sets of previously stored information to supplement, replace or override information concerning certificate revocation provided by a chain of one or more certificates included with a software package, wherein the computing device is caused to utilise the previously stored information in the event that the chain of certificates included with the software package does not resolve to a trusted certificate previously stored on the device.
- 2. (canceled)
- 3. A method according to claim 1 wherein the previously stored information concerning certificate revocation differs from the previously stored information concerning certificate revocation utilised in the event that
  a. the chain of certificates included with the software package resolves to a trusted certificate stored on the device; and
  b. any of the certificates included with the software package do not include revocation information.
- 4. A method according to claim 1 wherein the previously stored information concerning certificate revocation is the previously stored information concerning certificate revocation utilised in the event that
  a. the chain of certificates included with the software package resolves to a trusted certificate stored on the device; and
  b. any of the certificates included with the software package do not include revocation information.
Specification