CERTIFICATE VALIDATION METHOD AND CERTIFICATE VALIDATION SERVER AND STORAGE MEDIUM
Abstract
Disclosed is a certificate validation method in which a certificate validation server receives a certificate validation request from a given terminal device, builds a certification path from a first certificate authority (CA) to a second CA, validates the certification path, and sends the validation result to the terminal device that issued the certificate validation request. The validation server detects either a key update of any given CA or a compromise of the given CA, acquires a certificate of a relevant CA together with first certificate status information and second certificate status information, stores the acquired information in a storage unit or, alternatively, updates the information already stored in the storage unit based on the acquired information, and builds and validates the certification path using the information in the storage unit.
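An added illustration of the flow in the abstract (not code from the patent or its assignee): a validation server that answers only from its storage unit and refreshes that store when notified of a CA key update or compromise. The page does not define the two kinds of status information; this sketch assumes they are the serials of revoked CA certificates and of revoked end-entity certificates, and the `Cert` tuple, the `directory` lookup and the Root/Sub hierarchy are constructed for the example.

```python
from collections import namedtuple

Cert = namedtuple("Cert", "subject issuer serial")  # hypothetical minimal certificate

class ValidationServer:
    def __init__(self, directory):
        self.directory = directory  # assumed lookup: CA -> (cert, status1, status2)
        self.store = {}             # the "storage unit"; validate() reads only this

    def refresh(self, ca):
        cert, s1, s2 = self.directory[ca]
        self.store[ca] = {"cert": cert, "ca_revoked": set(s1), "ee_revoked": set(s2)}

    def on_ca_event(self, ca, kind):
        if kind not in ("key_update", "compromise"):
            raise ValueError(kind)
        # Assumed meaning of "relevant CA": the affected CA and its issuer.
        for name in (ca, self.directory[ca][0].issuer):
            self.refresh(name)

    def validate(self, first_ca, second_ca, ee_serial=None):
        """Build first_ca -> ... -> second_ca from the store; return (ok, path)."""
        if ee_serial in self.store.get(second_ca, {}).get("ee_revoked", ()):
            return False, []
        path, current = [], second_ca
        while current != first_ca:
            cert = self.store.get(current, {}).get("cert")
            issuer = self.store.get(cert.issuer) if cert else None
            if (not issuer or cert.issuer == current or len(path) >= 8
                    or cert.serial in issuer["ca_revoked"]):
                return False, []  # unknown CA, dead end, loop, or revoked link
            path.insert(0, cert)
            current = cert.issuer
        return True, path

def demo():
    d = {"Root": (Cert("Root", "Root", 1), set(), set()),   # constructed data
         "Sub": (Cert("Sub", "Root", 2), set(), set())}
    srv = ValidationServer(d)
    srv.refresh("Root"); srv.refresh("Sub")
    fresh = srv.validate("Root", "Sub")[0]
    d["Root"] = (d["Root"][0], {2}, set())       # Sub compromised: Root revokes #2
    stale = srv.validate("Root", "Sub")[0]       # store not yet updated
    srv.on_ca_event("Sub", "compromise")
    revoked = srv.validate("Root", "Sub")[0]
    d["Sub"] = (Cert("Sub", "Root", 3), set(), set())  # Sub re-keyed, new cert #3
    srv.on_ca_event("Sub", "key_update")
    ok, path = srv.validate("Root", "Sub")
    return fresh, stale, revoked, ok and path[0].serial
```

`demo()` shows why the detection step matters: between the revocation and the event notification the store still yields a valid path for the compromised CA.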
18 Claims
1. A certificate validation method for use with a certificate validation server connected to a network together with a plurality of terminal devices and a plurality of certificate authority entities, for causing the certificate validation server to receive a certificate validation request from a given terminal device via the network, for building a certification path from a first certificate authority up to a second certificate authority, for performing validation of the certification path, and for sending a validation result via said network to the terminal device which is a source of the certificate validation request, wherein said certificate validation server performs a processing operation comprising the steps of:
- detecting a key update of a given certificate authority or a compromise of the given certificate authority;
- acquiring a certificate of a relevant certificate authority, first certificate status information and second certificate status information;
- storing the acquired information in a storage unit or updating the information being presently stored in the storage unit based on the acquired information; and
- performing building of the certification path and validation of the certification path by use of the information of said storage unit.
Dependent claims: 2, 3, 4, 5, 6
7. A certificate validation server connected to a network together with a plurality of terminal devices and a plurality of certificate authority entities, for causing the certificate validation server to receive a certificate validation request from a given terminal device via the network, for building a certification path from a first certificate authority up to a second certificate authority, for performing validation of the certification path, and for sending a validation result via said network to the terminal device which is a source of the certificate validation request, wherein said certificate validation server comprises:
- an information processing unit operative to detect a key update of a given certificate authority or a compromise of the given certificate authority, acquire a certificate of a relevant certificate authority, first certificate status information and second certificate status information, store the acquired information in a storage unit or update the information being presently stored in the storage unit based on the acquired information, and perform building of the certification path and validation of the certification path by use of the information of said storage unit.
Dependent claims: 8, 9, 10, 11, 12
13. A computer-readable storage medium having stored thereon a computer-executable program to be used in a computer connected to a network together with a plurality of terminal devices and a plurality of certificate authority entities, for causing the computer to execute certificate validation processing which includes receiving a certificate validation request from a given terminal device via the network, building a certification path from a first certificate authority to a second certificate authority, performing validation of the certification path, and sending a validation result via said network to the terminal device which is a source of the certificate validation request, wherein said program causes said computer to perform, in the certificate validation processing, an operation comprising the steps of:
- detecting a key update of a given certificate authority or a compromise of the given certificate authority;
- acquiring a certificate of a relevant certificate authority, first certificate status information and second certificate status information;
- storing the acquired information in a storage unit or updating the information being presently stored in the storage unit based on the acquired information; and
- performing building of the certification path and validation of the certification path by use of the information of said storage unit.
Dependent claims: 14, 15, 16, 17, 18
Specification