Handling of Digital Certificates
Abstract
A method for handling digital certificates in a communication network is described. The communication network comprises a first certificate authority (110-116) having issued at least one digital certificate. The method comprises determining (216) whether a revocation condition for revoking the at least one digital certificate is fulfilled. The at least one digital certificate has been issued by the first certificate authority, wherein the at least one digital certificate is valid and is not revoked. The method further comprises, based on a result of the step of determining (216), revoking (404), by the first certificate authority (110-116), the at least one digital certificate, and based on the result of the step of determining (216), issuing, by a second certificate authority (110-116), at least one further digital certificate for the revoked at least one digital certificate. An associated system, methods in involved network entities, the involved network entities, and computer programs are also described. Therefore security handling in the communication network which may be fluctuating with respect to its number of network nodes and/or which may comprise numerous network nodes may be performed in an easy and efficient way.
46 Claims
1-22. (canceled)
23. A method for handling digital certificates in a communication network, the communication network comprising a first certificate authority having issued at least one digital certificate, the method comprising:
determining whether a revocation condition for revoking the at least one digital certificate is fulfilled, wherein the at least one digital certificate was issued by the first certificate authority, wherein the at least one digital certificate is valid and not presently revoked;
based on a result of the determining, revoking, by the first certificate authority, the at least one digital certificate; and
based on the result of the determining, issuing, by a second certificate authority, at least one further digital certificate for the revoked at least one digital certificate.
38. A method, in a controlling certificate authority, for handling digital certificates in a communication network, the controlling certificate authority comprising first and second certificate authorities, wherein the first certificate authority has issued at least one digital certificate, the method comprising:
determining whether a revocation condition for revoking the at least one certificate is fulfilled, the at least one digital certificate having been issued by the first certificate authority, the at least one digital certificate being valid and not presently revoked;
based on a result of the determining, trigger the first certificate authority to revoke the at least one digital certificate; and
based on the result of the determining, trigger the second certificate authority to issue at least one further digital certificate for the revoked at least one certificate.
40. A method, in a network node, for handling digital certificates in a communication network, the network node maintaining a digital certificate issued by a first certificate authority of the communication network, the method comprising:
sending a request for issuing, by a second certificate authority of the communication network, a further digital certificate; and
receiving the further digital certificate, the further digital certificate having been issued by the second certificate authority.
41. A method, in a network managing node, for handling digital certificates in a communication network, the communication network comprising a first certificate authority having issued at least one digital certificate, the method comprising:
sending information, to a network node of the communication network for the network node, requesting a further digital certificate to be issued by a second certificate authority for a digital certificate.
42. A controlling certificate authority for handling digital certificates in a communication network, the controlling certificate authority comprising:
one or more processing circuits configured to function as first and second certificate authorities, wherein the first certificate authority has issued at least one digital certificate;
wherein the controlling certificate authority is configured to:
determine whether a revocation condition for revoking the at least one first digital certificate is fulfilled, the at least one digital certificate having been issued by the first certificate authority, the at least one digital certificate being valid and not presently revoked;
based on a result of the determining, trigger the first certificate authority to revoke the at least one digital certificate; and
based on the result of the determining, trigger the second certificate authority to issue at least one further digital certificate for the revoked at least one digital certificate.
43. A network node for handling digital certificates in a communication network, the network node maintaining a digital certificate issued by a first certificate authority of the communication network, the network node comprising:
one or more processing circuits configured to cause the network node to:
send a request for issuing, by a second certificate authority of the communication network, a further digital certificate; and
receive the further digital certificate, the further digital certificate having been issued by the second certificate authority.
44. A network managing node for handling digital certificates in a communication network, the communication network comprising a first certificate authority having issued at least one digital certificate,
one or more processing circuits configured to cause the network managing node to send information, to a network node of the communication network for the network node, requesting a further digital certificate to be issued by a second certificate authority for a digital certificate.
45. A computer program product stored in a non-transitory computer readable medium for controlling the handling of digital certificates in a communication network, the communication network comprising a first certificate authority having issued at least one digital certificate, the computer program product comprising software instructions which, when run on one or more processors of the communication network, causes the communication network to:
determine whether a revocation condition for revoking the at least one digital certificate is fulfilled, wherein the at least one digital certificate was issued by the first certificate authority, wherein the at least one digital certificate is valid and not presently revoked;
based on a result of the determining, revoke, by the first certificate authority, the at least one digital certificate; and
based on the result of the determining, issue, by a second certificate authority, at least one further digital certificate for the revoked at least one digital certificate.
Specification