MANAGEMENT OF SSL CERTIFICATE ESCROW
Abstract
Methods and systems for providing a secure SSL certificate escrow service comprise: providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key; receiving the encrypted copy of the private key from the private key holder via the secure upload webpage; storing the encrypted copy of the private key in memory; providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key; receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage; and decrypting the private key in response to the instruction to decrypt the private key.
35 Claims
1. A computer-implemented method of securely providing a private key escrow service, comprising:
providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key;
receiving the encrypted copy of the private key from the private key holder via the secure upload webpage;
storing the encrypted copy of the private key in memory;
providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key;
receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage; and
decrypting the private key in response to the instruction to decrypt the private key.
18. A system for securely providing a private key escrow service, comprising:
providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key;
a processing system comprising one or more processors;
one or more communications ports for receiving communications from one or more networked devices and transmitting communications to one or more networked devices; and
a memory system comprising one or more computer-readable media, wherein the computer-readable media store instructions that, when executed by the processing system, cause the system to perform the operations of:
receiving the encrypted copy of the private key from the private key holder via the secure upload webpage;
storing the encrypted copy of the private key in memory;
providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key;
receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage; and
decrypting the private key in response to the instruction to decrypt the private key.
35. A computer-implemented method of securely providing a private key escrow service, comprising:
providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key, wherein the encrypted copy of the private key is protected by a first passcode such that the private key escrow service is unable to access an unencrypted copy of the private key without the first passcode, and wherein the secure upload webpage requires the private key holder to specify a second passcode for additionally securing the encrypted copy of the private key;
receiving the encrypted copy of the private key and the second passcode from the private key holder via the secure upload webpage;
storing the encrypted copy of the private key in memory in association with the second passcode;
providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key;
receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage, wherein the instruction to decrypt the private key includes the first passcode and the second passcode;
decrypting the private key using the first passcode in response to the instruction to decrypt the private key and a determination that the private key holder has correctly provided the second passcode via the secure decryption webpage.
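The two-passcode flow of claim 35, sketched as an added example that is not taken from the patent or from any implementation of it. The names `seal` and `EscrowService`, the PBKDF2 parameters, the HMAC-based keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM) and the choice to store a salted verifier instead of the second passcode itself are all assumptions.

```python
import hashlib, hmac, os

def _kdf(passcode: str, salt: bytes) -> bytes:
    # PBKDF2 output: 32-byte keystream key followed by 32-byte MAC key.
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100_000, dklen=64)

def _keystream(key: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode; stdlib stand-in for a real AEAD such as AES-GCM.
    blocks = (hmac.new(key, i.to_bytes(8, "big"), "sha256").digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(private_key: bytes, first_passcode: str) -> bytes:
    """Key holder side: encrypt before upload, so the service only sees ciphertext."""
    salt = os.urandom(16)
    k = _kdf(first_passcode, salt)
    ct = bytes(a ^ b for a, b in zip(private_key, _keystream(k[:32], len(private_key))))
    tag = hmac.new(k[32:], salt + ct, "sha256").digest()
    return salt + ct + tag

class EscrowService:
    def __init__(self):
        self._store = {}  # key id -> (encrypted blob, verifier salt, verifier)

    def upload(self, key_id: str, blob: bytes, second_passcode: str) -> None:
        vsalt = os.urandom(16)
        # Assumption: keep a salted verifier rather than the second passcode itself.
        self._store[key_id] = (blob, vsalt, _kdf(second_passcode, vsalt))

    def decrypt(self, key_id: str, first_passcode: str, second_passcode: str) -> bytes:
        blob, vsalt, verifier = self._store[key_id]
        # Gate: the second passcode must match before any decryption is attempted.
        if not hmac.compare_digest(_kdf(second_passcode, vsalt), verifier):
            raise PermissionError("second passcode rejected")
        salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        k = _kdf(first_passcode, salt)
        # Authenticate the ciphertext; a wrong first passcode fails here.
        if not hmac.compare_digest(hmac.new(k[32:], salt + ct, "sha256").digest(), tag):
            raise ValueError("first passcode wrong or blob corrupted")
        return bytes(a ^ b for a, b in zip(ct, _keystream(k[:32], len(ct))))

# Constructed sample input: placeholder bytes, not a real key.
SAMPLE_KEY = b"-----BEGIN PRIVATE KEY-----\n(constructed placeholder)\n-----END PRIVATE KEY-----\n"
```

The service holds only the sealed blob and the verifier at rest; the plaintext key exists on the service side only during `decrypt`, when the holder supplies both passcodes.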
Specification