METHOD AND SYSTEM FOR CERTIFICATE DISCOVERY AND RANKING CERTIFICATE AUTHORITIES

US 20160277193A1
Filed: 03/17/2015
Published: 09/22/2016
Est. Priority Date: 03/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method for determining trustworthiness of a certificate authority, comprising:

obtaining a security score for the certificate authority, comprising;

obtaining certificate resource information from one or more networks;

analyzing the certificate resource information;

assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and

relying, based on the security score, on a certificate issued by the certificate authority comprising at least two of;

determining to trust the certificate, based on the security score, for a set of some but not all websites;

determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and

determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;

wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of;

that a domain from which the at least one certificate was received is a phishing attempt,that the certificate originated from or was located on a known phishing site or domainthat the certificate has internal names in the certificate'"'"'s subject alternative name field,that the issuing certificate authority has received bad press,that a domain from which the at least one certificate was received has received bad press,that the owner of a domain from which the at least one certificate was received has received bad press, andthat the issuing certificate authority has online reviews.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Certificate detectors scan a network for certificate resource information and send the information to a certificate database. A correlation engine extracts and correlates this information. A ranker uses the information about the certificates and certificate authorities to generate and provide a security score and/or ranking. A requester may view the certificate ranking and/or and certificate authority ranking after passing a domain validation authorization. An Internet browser may obtain a security score and/or ranking for a certificate authority and, based on this information, may determine to trust or not trust some or all certificates issued by that certificate authority or to require corroborating evidence before trusting a certificate.

22 Citations

20 Claims

1. A method for determining trustworthiness of a certificate authority, comprising:
- obtaining a security score for the certificate authority, comprising;
  
  obtaining certificate resource information from one or more networks;
  
  analyzing the certificate resource information;
  
  assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
  
  relying, based on the security score, on a certificate issued by the certificate authority comprising at least two of;
  
  determining to trust the certificate, based on the security score, for a set of some but not all websites;
  
  determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
  
  determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
  
  wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of;
  
  that a domain from which the at least one certificate was received is a phishing attempt,that the certificate originated from or was located on a known phishing site or domainthat the certificate has internal names in the certificate'"'"'s subject alternative name field,that the issuing certificate authority has received bad press,that a domain from which the at least one certificate was received has received bad press,that the owner of a domain from which the at least one certificate was received has received bad press, andthat the issuing certificate authority has online reviews.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the security score is a ranking for the certificate authority.
  - 3. The method of claim 1, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, for a set of some but not all websites.
  - 4. The method of claim 1, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate.
  - 5. The method of claim 1, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available.
  - 6. The method of claim 1, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, that a domain from which the at least one certificate was received is a phishing attempt.
  - 7. The method of claim 1, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, that the issuing certificate authority has received bad press.
  - 8. The method of claim 1, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least one of:
    - that the domain from which the at least one certificate was received has received bad press; and
      
      that the owner of the domain has received bad press.

9. A computing device for determining trustworthiness of a certificate authority, the computing device comprising a processor and a memory, wherein the memory stores instructions that, when executed on the processor, cause the computing device to perform a method comprising:
- obtaining a security score for the certificate authority, comprising;
  
  obtaining certificate resource information from one or more networks;
  
  analyzing the certificate resource information;
  
  assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
  
  relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of;
  
  determining to trust the certificate, based on the security score, for a set of some but not all websites;
  
  determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
  
  determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
  
  wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of;
  
  that a domain from which the at least one certificate was received is a phishing attempt,that the certificate originated from or was located on a known phishing site or domainthat the certificate has internal names in the certificate'"'"'s subject alternative name field,that the issuing certificate authority has received bad press,that a domain from which the at least one certificate was received has received bad press,that the owner of a domain from which the at least one certificate was received has received bad press, andthat the issuing certificate authority has online reviews.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computing device of claim 9, wherein the security score is a ranking for the certificate authority.
  - 11. The computing device of claim 9, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, for a set of some but not all websites.
  - 12. The computing device of claim 9, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate.
  - 13. The computing device of claim 9, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available.
  - 14. The computing device of claim 9, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, that a domain from which the at least one certificate was received is a phishing attempt.
  - 15. The computing device of claim 9, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, that the issuing certificate authority has received bad press.
  - 16. The computing device of claim 9, wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least one of:
    - that the domain from which the at least one certificate was received has received bad press; and
      
      that the owner of the domain has received bad press.

17. A non-transitory computer-readable medium storing instructions that, when executed on a processor of a computing device, cause the computing device to perform a method for determining trustworthiness of a certificate authority, comprising:
- obtaining a security score for the certificate authority, comprising;
  
  obtaining certificate resource information from one or more networks;
  
  analyzing the certificate resource information;
  
  assigning a security score to the certificate authority based at least in part on the analysis of the certificate resource information; and
  
  relying, based on the security score, on a certificate issued by the certificate authority, comprising at least two of;
  
  determining to trust the certificate, based on the security score, for a set of some but not all websites;
  
  determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate; and
  
  determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available;
  
  wherein analyzing the certificate resource information comprises determining, for at least one certificate in the certificate resource information, at least two of;
  
  that a domain from which the at least one certificate was received is a phishing attempt,that the certificate originated from or was located on a known phishing site or domainthat the certificate has internal names in the certificate'"'"'s subject alternative name field,that the issuing certificate authority has received bad press,that a domain from which the at least one certificate was received has received bad press,that the owner of a domain from which the at least one certificate was received has received bad press, andthat the issuing certificate authority has online reviews.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory computer-readable medium of claim 17, wherein the security score is a ranking for the certificate authority.
  - 19. The non-transitory computer-readable medium of claim 17, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if a second certificate from a second certificate authority corroborates the certificate.
  - 20. The non-transitory computer-readable medium of claim 17, wherein relying, based on the security score, on a certificate issued by the certificate authority, comprises determining to trust the certificate, based on the security score, if no certificates from higher-ranked certificate authorities are available.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DigiCert Incorporated
Original Assignee
DigiCert Incorporated
Inventors
Sabin, Jason Allen

Granted Patent

US 9,479,338 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/645   using a third party

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

H04L 9/321   involving a third party or ...

H04L 9/3263   involving certificates, e.g...

METHOD AND SYSTEM FOR CERTIFICATE DISCOVERY AND RANKING CERTIFICATE AUTHORITIES

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR CERTIFICATE DISCOVERY AND RANKING CERTIFICATE AUTHORITIES

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links