DIGITAL CERTIFICATE VALIDATION USING UNTRUSTED DATA
Abstract
A method, system and apparatus for authenticating target recipients for digital certificates. A certificate authority authentication system receives a request from an entity for a digital certificate including untrusted certificate validation data. The authentication system initiates a communication link using the untrusted certificate validation data to generate verified untrusted certificate validation data. Subsequently or concurrently, the system obtains, from a confirmation computing system, trusted certificate validation data. The authentication system compares the verified untrusted certificate validation data with the trusted certificate validation data and, based on the comparison, authenticates the entity and issues the requested digital certificate.
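The flow in the abstract, as an added Python example that is not part of the patent text: the contact check and the confirmation lookup run concurrently, and authentication succeeds only when both return data and the data match. The phone-number contact channel, the `REGISTRY` and `REACHABLE` stand-ins, and all function names are assumptions made for illustration.

```python
# Added illustration; every name and value here is hypothetical and constructed.
import re
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass

# Constructed stand-in for the confirmation computing system (independent records).
REGISTRY = {"Example Corp": "+1 (555) 010-0199"}
# Constructed stand-in for numbers that answer the CA's outbound verification contact.
REACHABLE = {"15550100199", "15550100142"}


@dataclass
class CertRequest:
    public_key_pem: str
    recipient: str        # identification of the target certificate recipient
    untrusted_phone: str  # supplied by the requester, therefore untrusted


def normalize(phone):
    """Keep digits only so formatting differences do not affect the comparison."""
    return re.sub(r"\D", "", phone)


def verify_contact(req):
    """Use the untrusted data to reach the requester; None if nobody responds."""
    number = normalize(req.untrusted_phone)
    return number if number in REACHABLE else None


def confirm_with_registry(req):
    """Fetch trusted data for the named recipient from the independent source."""
    record = REGISTRY.get(req.recipient)
    return normalize(record) if record else None


def authenticate(req):
    """Run both steps concurrently; authenticate only if both succeed and agree."""
    with ThreadPoolExecutor(max_workers=2) as pool:
        verified_job = pool.submit(verify_contact, req)
        trusted_job = pool.submit(confirm_with_registry, req)
        verified, trusted = verified_job.result(), trusted_job.result()
    if verified is None or trusted is None:
        return False
    # A reachable number proves only that someone answered; the match is the gate.
    return verified == trusted
```
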
20 Claims
1. A method for authenticating a target recipient for a digital certificate, the method comprising:
- receiving, at a certificate authority authentication system, a request for a digital certificate, the request including a public key of a public-private key pair, an identification of a target certificate recipient, and untrusted certificate validation data;
- automatically initiating a communication link using the untrusted certificate validation data to generate verified untrusted certificate validation data;
- following, or concurrently with, the automatically initiating the communication link, comparing at least one of the untrusted certificate validation data or the verified untrusted certificate validation data with entity specific data obtained from a confirmation computing system to generate trusted certificate validation data;
- comparing the trusted certificate validation data with the verified untrusted certificate validation data;
- based at least in part on an identification of a match between the confirmed certificate validation data and the verified untrusted certificate validation data, authenticating the target certificate recipient; and
- issuing the requested digital certificate for the target certificate recipient.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. Non-transitory computer-readable media including computer-executable instructions that, when executed by a computing system, cause the computing system to:
- receive, at a certificate authority authentication system, a request for a digital certificate, the request including a public key of a public-private key pair, an identification of a target certificate recipient, and untrusted certificate validation data;
- automatically initiate a communication link using the untrusted certificate validation data to generate verified untrusted certificate validation data;
- following, or concurrently with, the automatic initiation of the communication link, compare at least one of the untrusted certificate validation data or the verified untrusted certificate validation data with entity specific data obtained from a confirmation computing system to generate trusted certificate validation data;
- compare the trusted certificate validation data with the verified untrusted certificate validation data;
- based at least in part on an identification of a match between the confirmed certificate validation data and the verified untrusted certificate validation data, authenticate the target certificate recipient; and
- issue the requested digital certificate for the target certificate recipient.
Dependent claims: 10, 11, 12, 13
14. A method for authenticating a target recipient for a digital certificate, the method comprising:
- receiving, at a certificate authority authentication system, a request for a digital certificate from the target recipient, the request including a public key of a public-private key pair, an identification of the target recipient, and untrusted certificate validation data, the untrusted certificate validation data including contact information associated with the target recipient;
- sending, from the certificate authority authentication system, a verification request message to the target recipient using the contact information of the untrusted certificate validation data, wherein the certificate authority authentication system sends the verification request before receiving confirmation of the untrusted certificate validation data from a confirmation computing system; and
- receiving, at the certificate authority authentication system, a response to the verification request message and generating, based on the response, verified untrusted certificate validation data.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification