SYSTEM AND METHOD FOR VALIDATING CERTIFICATE ISSUANCE NOTIFICATION MESSAGES

US 20120290835A1
Filed: 07/23/2012
Published: 11/15/2012
Est. Priority Date: 03/17/2009
Status: Active Grant

First Claim

Patent Images

1. A method, for being performed by a mail server having a receiver, a processor and a transmitter, of validating a certificate issuance notification message, the method comprising:

receiving, at the receiver, a message;

determining, at the processor, that the message comprises a certificate issuance notification message;

verifying, by determining, at the processor, that a size of the message is less than a predetermined maximum message size, that the certificate issuance notification message conforms to expected norms specific to certificate issuance notification messages; and

responsive to the verifying, transmitting, at the transmitter, a uniform resource locator, extracted from the certificate issuance notification message, to a network entity configured for processing certificate issuance.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To validate a received certificate issuance notification message, a device may verify that the certificate issuance notification message conforms to expected norms or authenticate a signature associate with the certificate issuance notification message. Upon validating, the device may then transmit a uniform resource locator, extracted from the certificate issuance notification message, to a network entity configured for processing certificate issuance.

4 Citations

View as Search Results

13 Claims

1. A method, for being performed by a mail server having a receiver, a processor and a transmitter, of validating a certificate issuance notification message, the method comprising:
- receiving, at the receiver, a message;
  
  determining, at the processor, that the message comprises a certificate issuance notification message;
  
  verifying, by determining, at the processor, that a size of the message is less than a predetermined maximum message size, that the certificate issuance notification message conforms to expected norms specific to certificate issuance notification messages; and
  
  responsive to the verifying, transmitting, at the transmitter, a uniform resource locator, extracted from the certificate issuance notification message, to a network entity configured for processing certificate issuance.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein the determining that the message comprises a certificate issuance notification message comprises determining that a sender of the message is a certificate authority.
  - 3. The method of claim 1 further comprising extracting a plurality of uniform resource locators from the certificate issuance notification message.
  - 4. The method of claim 3 wherein the verifying that the certificate issuance notification message conforms to expected norms specific to certificate issuance notification messages further comprises determining that a quantity of the plurality of the extracted uniform resource locators is less than a maximum expected count of uniform resource locators.
  - 5. The method of claim 1 further comprising:
    - receiving an instruction from the network entity; and
      
      responsive to the instruction, activating certificate issuance notification message handling.

6. A mail server comprising:
- a receiver adapted to receive a message;
  
  a processor adapted to;
  
  determine that the message comprises a certificate issuance notification message;
  
  verify that the certificate issuance notification message conforms to expected norms specific to certificate issuance notification messages; and
  
  extract a uniform resource locator from the certificate issuance notification message; and
  
  a transmitter adapted to transmit the uniform resource locator to a network entity configured for processing certificate issuance.

7. A non-transitory computer-readable medium containing computer-executable instructions that, when performed by a processor in a mail server, cause the processor to:
- receive a message;
  
  determine that the message comprises a certificate issuance notification message;
  
  verify that the certificate issuance notification message conforms to expected norms specific to certificate issuance notification messages;
  
  extract a uniform resource locator from the certificate issuance notification message;
  
  transmit the uniform resource locator to a network entity configured for processing certificate issuance.

8. A method, for being performed by a certificate server having a receiver, a processor and a transmitter, of obtaining a certificate on behalf of a mail server, the method comprising:
- receiving, at the receiver, a uniform resource locator;
  
  verifying, at the processor, the uniform resource locator, where the verifying includes confirming that a prefix of the uniform resource locator matches a prefix associated with one of a set of certificate authorities from which identity certificates may be retrieved;
  
  responsive to the confirming, transmitting, at the transmitter and based upon the uniform resource locator, a query to a certificate authority;
  
  receiving, at the receiver, a certificate;
  
  transmitting, at the transmitter, the certificate to a mail server.
- View Dependent Claims (9)
- - 9. The method of claim 8 wherein, responsive to the receiving the uniform resource locator, the method further comprises:
    - determining an intended recipient for the identity certificate referenced by the uniform resource locator; and
      
      determining that an identity certificate is expected to be received by the intended recipient.

10. A certificate server comprising:
- a receiver adapted to receive a uniform resource locator and a certificate;
  
  a processor adapted to verify the uniform resource locator, where the verifying includes confirming that a prefix of the uniform resource locator matches a prefix associated with one of a set of certificate authorities from which identity certificates may be retrieved;
  
  a transmitter adapted to transmit, based upon the uniform resource locator, a query to a certificate authority and the certificate to a mail server.
- View Dependent Claims (11)
- - 11. The certificate server of claim 10 wherein, responsive to the receiving the uniform resource locator, the processor is further adapted to:
    - determine an intended recipient for the identity certificate referenced by the uniform resource locator; and
      
      determine that an identity certificate is expected to be received by the intended recipient.

12. A non-transitory computer-readable medium containing computer-executable instructions that, when performed by a processor in a mail server, cause the processor to:
- receive a uniform resource locator;
  
  verify the uniform resource locator, where the verifying includes confirming that a prefix of the uniform resource locator matches a prefix associated with one of a set of certificate authorities from which identity certificates may be retrieved;
  
  transmit, based upon the uniform resource locator, a query to a certificate authority;
  
  receive a certificate;
  
  transmit the certificate to a mail server.
- View Dependent Claims (13)
- - 13. The non-transitory computer-readable medium of claim 12 wherein, responsive to the receiving the uniform resource locator, the instructions further cause the processor to:
    - determine an intended recipient for the identity certificate referenced by the uniform resource locator; and
      
      determine that an identity certificate is expected to be received by the intended recipient.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Truskovsky, Alexander, Tu, Van Quy, Mok, Cheryl, Gandhi, Shivangi, Jackson, Eli, Adams, Neil Patrick

Granted Patent

US 8,826,007 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

H04W 12/069   using certificates or pre-s...

H04W 12/106   Packet or message integrity

SYSTEM AND METHOD FOR VALIDATING CERTIFICATE ISSUANCE NOTIFICATION MESSAGES

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

4 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR VALIDATING CERTIFICATE ISSUANCE NOTIFICATION MESSAGES

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

4 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links