METHOD AND SYSTEM FOR CERTIFICATE DISCOVERY AND RANKING CERTIFICATE AUTHORITIES
First Claim
1. A method for determining trustworthiness of a certificate authority, comprising:
   obtaining a security score for the certificate authority, comprising:
      obtaining certificate resource information from one or more networks;
      analyzing the certificate resource information;
      assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
   relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of:
      determining to trust the certificate, based on the security score, for a set of some but not all websites;
      determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
      determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
   wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of:
      that a domain from which the at least one certificate was received is a phishing attempt,
      that the certificate originated from or was located on a known phishing site or domain,
      that the certificate has internal names in the certificate's subject alternative name field,
      that the issuing certificate authority has received bad press,
      that a domain from which the at least one certificate was received has received bad press,
      that the owner of a domain from which the at least one certificate was received has received bad press, and
      that the issuing certificate authority has online reviews.
8 Assignments
0 Petitions
Abstract
Certificate detectors scan a network for certificate resource information and send the information to a certificate database. A correlation engine extracts and correlates this information. A ranker uses the information about the certificates and certificate authorities to generate and provide a security score and/or ranking. A requester may view the certificate ranking and/or certificate authority ranking after passing a domain validation authorization. An Internet browser may obtain a security score and/or ranking for a certificate authority and, based on this information, may determine to trust or not trust some or all certificates issued by that certificate authority, or to require corroborating evidence before trusting a certificate.
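The abstract and claim 1 together describe a pipeline: collect certificate records, evaluate per-certificate signals (phishing site, internal names in the SAN field, bad press, reviews), roll them up into a per-CA security score, and then let a relying party apply one of three policies (trust only for a subset of sites, trust only when a second CA corroborates, trust only when no higher-ranked CA has a certificate for the site). The following is an added worked example, not code from the patent or from any product it covers; the weights, thresholds, CA names, domains and the internal-name heuristic are all constructed assumptions chosen to make the three policies observable.

```python
"""Toy CA ranking and relying-party policy in the spirit of the abstract and claim 1.
Hypothetical example code; every record, weight and threshold below is constructed."""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Dict, List, Optional, Tuple

# Assumption: a tiny public-suffix list stands in for a real one.
PUBLIC_TLDS = {"com", "net", "org", "io", "dev"}
RESERVED_SUFFIXES = {"local", "internal", "corp", "lan", "localhost"}
HIGH, MEDIUM = 80.0, 50.0          # constructed score bands


@dataclass
class CertRecord:
    issuer: str                    # certificate authority that issued it
    domain: str                    # domain a detector received it from
    sans: List[str]                # subject alternative names
    on_phishing_site: bool = False
    domain_bad_press: bool = False
    owner_bad_press: bool = False


@dataclass
class CAInfo:
    bad_press: bool = False
    has_online_reviews: bool = False


def is_internal_name(name: str) -> bool:
    """Heuristic for an 'internal name' in a SAN: private/loopback IP,
    unqualified host, reserved suffix, or a TLD outside the public list."""
    name = name.lower().rstrip(".")
    try:
        ip = ip_address(name)
        return ip.is_private or ip.is_loopback or ip.is_link_local
    except ValueError:
        pass
    labels = name.split(".")
    if len(labels) < 2 or labels[-1] in RESERVED_SUFFIXES:
        return True
    return labels[-1] not in PUBLIC_TLDS


def cert_signals(rec: CertRecord, ca: CAInfo) -> Dict[str, bool]:
    """The per-certificate signals enumerated in claim 1."""
    return {
        "phishing_site": rec.on_phishing_site,
        "internal_san_names": any(is_internal_name(n) for n in rec.sans),
        "ca_bad_press": ca.bad_press,
        "domain_bad_press": rec.domain_bad_press,
        "owner_bad_press": rec.owner_bad_press,
        "ca_has_reviews": ca.has_online_reviews,
    }


def score_ca(ca: str, records: List[CertRecord], ca_infos: Dict[str, CAInfo]) -> float:
    """Start at 100, subtract the average per-certificate penalty, then apply
    CA-level adjustments. Penalty weights are constructed, not from the patent."""
    info = ca_infos.get(ca, CAInfo())
    certs = [r for r in records if r.issuer == ca]
    penalty = 0.0
    for r in certs:
        s = cert_signals(r, info)
        penalty += (40 * s["phishing_site"] + 25 * s["internal_san_names"]
                    + 15 * s["domain_bad_press"] + 10 * s["owner_bad_press"])
    avg = penalty / len(certs) if certs else 0.0
    score = 100.0 - avg - (20.0 if info.bad_press else 0.0) + (5.0 if info.has_online_reviews else 0.0)
    return max(0.0, min(100.0, score))


def rank_cas(records: List[CertRecord], ca_infos: Dict[str, CAInfo]) -> List[Tuple[str, float]]:
    cas = {r.issuer for r in records} | set(ca_infos)
    return sorted(((ca, score_ca(ca, records, ca_infos)) for ca in cas), key=lambda kv: kv[1], reverse=True)


def higher_ranked_cert_exists(ca: str, site: str, records: List[CertRecord], scores: Dict[str, float]) -> bool:
    """Does a better-scored CA already cover this site in the collected records?"""
    return any(r.issuer != ca and scores.get(r.issuer, 0.0) > scores.get(ca, 0.0) and site in r.sans
               for r in records)


def decide_trust(ca: str, site: str, records: List[CertRecord], scores: Dict[str, float], *,
                 allowed_sites=frozenset(), corroborating_ca: Optional[str] = None) -> str:
    """Relying-party policy: high score trusts everywhere, low score never,
    and a medium score applies the three policies from claim 1 in turn."""
    score = scores.get(ca, 0.0)
    if score >= HIGH:
        return "trust"
    if score < MEDIUM:
        return "distrust"
    if site in allowed_sites:                                   # subset of sites
        return "trust:limited-sites"
    if corroborating_ca and corroborating_ca != ca and scores.get(corroborating_ca, 0.0) >= HIGH:
        return "trust:corroborated"                             # second CA corroborates
    if not higher_ranked_cert_exists(ca, site, records, scores):
        return "trust:no-better-alternative"                    # nothing better available
    return "distrust"


# Constructed sample data (not real CAs or findings).
RECORDS = [
    CertRecord("GoodRootCA", "shop.example.com", ["shop.example.com", "www.shop.example.com"]),
    CertRecord("GoodRootCA", "mail.example.org", ["mail.example.org"]),
    CertRecord("GoodRootCA", "login.example.net", ["login.example.net"]),
    CertRecord("SloppyCA", "login.example.net", ["login.example.net", "intranet-auth"]),
    CertRecord("SloppyCA", "bank-verify.example.com", ["bank-verify.example.com"], domain_bad_press=True),
    CertRecord("ShadyCA", "secure-bank-login.example.com", ["secure-bank-login.example.com", "srv01"],
               on_phishing_site=True, owner_bad_press=True),
]
CA_INFOS = {
    "GoodRootCA": CAInfo(has_online_reviews=True),
    "SloppyCA": CAInfo(bad_press=True),
    "ShadyCA": CAInfo(bad_press=True),
}

if __name__ == "__main__":
    ranking = rank_cas(RECORDS, CA_INFOS)
    scores = dict(ranking)
    for ca, sc in ranking:
        print(f"{ca:<12} {sc:5.1f}")
    print(decide_trust("SloppyCA", "login.example.net", RECORDS, scores, corroborating_ca="GoodRootCA"))
```

With the constructed data GoodRootCA scores 100, SloppyCA 60 (medium band, so the three policies decide) and ShadyCA 5. A real deployment would replace the internal-name heuristic with a proper public-suffix check and the boolean press/phishing flags with feeds from the certificate database the abstract describes.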
22 Citations
20 Claims
1. A method for determining trustworthiness of a certificate authority, comprising:
   obtaining a security score for the certificate authority, comprising:
      obtaining certificate resource information from one or more networks;
      analyzing the certificate resource information;
      assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
   relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of:
      determining to trust the certificate, based on the security score, for a set of some but not all websites;
      determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
      determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
   wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of:
      that a domain from which the at least one certificate was received is a phishing attempt,
      that the certificate originated from or was located on a known phishing site or domain,
      that the certificate has internal names in the certificate's subject alternative name field,
      that the issuing certificate authority has received bad press,
      that a domain from which the at least one certificate was received has received bad press,
      that the owner of a domain from which the at least one certificate was received has received bad press, and
      that the issuing certificate authority has online reviews.
   Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A computing device for determining trustworthiness of a certificate authority, the computing device comprising a processor and a memory, wherein the memory stores instructions that, when executed on the processor, cause the computing device to perform a method comprising:
   obtaining a security score for the certificate authority, comprising:
      obtaining certificate resource information from one or more networks;
      analyzing the certificate resource information;
      assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
   relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of:
      determining to trust the certificate, based on the security score, for a set of some but not all websites;
      determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
      determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
   wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of:
      that a domain from which the at least one certificate was received is a phishing attempt,
      that the certificate originated from or was located on a known phishing site or domain,
      that the certificate has internal names in the certificate's subject alternative name field,
      that the issuing certificate authority has received bad press,
      that a domain from which the at least one certificate was received has received bad press,
      that the owner of a domain from which the at least one certificate was received has received bad press, and
      that the issuing certificate authority has online reviews.
   Dependent claims: 10, 11, 12, 13, 14, 15, 16.

17. A non-transitory computer-readable medium storing instructions that, when executed on a processor of a computing device, cause the computing device to perform a method for determining trustworthiness of a certificate authority, comprising:
   obtaining a security score for the certificate authority, comprising:
      obtaining certificate resource information from one or more networks;
      analyzing the certificate resource information;
      assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
   relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of:
      determining to trust the certificate, based on the security score, for a set of some but not all websites;
      determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
      determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
   wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of:
      that a domain from which the at least one certificate was received is a phishing attempt,
      that the certificate originated from or was located on a known phishing site or domain,
      that the certificate has internal names in the certificate's subject alternative name field,
      that the issuing certificate authority has received bad press,
      that a domain from which the at least one certificate was received has received bad press,
      that the owner of a domain from which the at least one certificate was received has received bad press, and
      that the issuing certificate authority has online reviews.
   Dependent claims: 18, 19, 20.
Specification