Certificate revocation system
First Claim
1. A method for an authority to provide authenticated information about revoked certificates, comprising the steps of:
(a) generating data identifying the revoked certificates;
(b) generating information about the revoked certificates including the data without including the revocation date of every one of the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
(c) having the authority authenticate the information.
Abstract
Authenticating information about revoked certificates includes generating data identifying the revoked certificates, generating information about the revoked certificates including the data without including the revocation date of every one of the revoked certificates, and having the authority authenticate the information. The data may be generated by performing a hash of at least a portion of each of the certificates. Generating information about the revoked certificates may include adding a date indicating when the information was authenticated and may exclude the revocation date of any one of the revoked certificates in the list.
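The scheme in the abstract, as an added sketch that is not taken from the patent: the authority hashes each revoked certificate, attaches only the date of authentication, and authenticates the result, and a relying party verifies it before looking a certificate up. HMAC-SHA256 with a constructed shared key stands in for the authority's digital signature; the 8-byte identifier length, the field names and the sample certificate bytes are assumptions.

```python
import hashlib
import hmac
import json

ID_LEN = 8  # assumed truncation length for certificate identifiers, in bytes
AUTHORITY_KEY = b"constructed-demo-key"  # stand-in for the authority's signing key


def cert_id(cert_der: bytes) -> str:
    """Identify a certificate by a truncated SHA-256 hash of its encoding."""
    return hashlib.sha256(cert_der).digest()[:ID_LEN].hex()


def _encode(ids, authenticated_on):
    # Canonical encoding: sorted identifiers plus one shared date.
    # No revocation date or issue date is stored per certificate.
    body = {"authenticated_on": authenticated_on, "revoked": sorted(ids)}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue_revocation_info(revoked_certs, authenticated_on, key=AUTHORITY_KEY):
    """Authority side: (a) identify, (b) build the information, (c) authenticate."""
    payload = _encode({cert_id(c) for c in revoked_certs}, authenticated_on)
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def check_certificate(info, cert_der, not_before, key=AUTHORITY_KEY):
    """Relying party: verify authenticity and freshness, then look the certificate up."""
    expected = hmac.new(key, info["payload"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, info["tag"]):
        raise ValueError("revocation information failed authentication")
    body = json.loads(info["payload"])
    if body["authenticated_on"] < not_before:  # ISO dates compare lexicographically
        raise ValueError("revocation information is stale")
    return "revoked" if cert_id(cert_der) in body["revoked"] else "not listed"


# Constructed sample certificates (opaque byte strings, not real DER).
CERT_A, CERT_B, CERT_C = b"cert-serial-1001", b"cert-serial-1002", b"cert-serial-1003"
INFO = issue_revocation_info([CERT_A, CERT_C], "2024-05-01")
```
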
74 Claims
1. A method for an authority to provide authenticated information about revoked certificates, comprising the steps of:
(a) generating data identifying the revoked certificates;
(b) generating information about the revoked certificates including the data without including the revocation date of every one of the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
(c) having the authority authenticate the information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.

12. A method for an authority to provide authenticated information about revoked certificates, comprising the steps of:
(a) generating minimal data identifying the revoked certificates;
(b) generating information about the revoked certificates only by adding to the data one or more additional items that are shared by all the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
(c) having the authority authenticate the information.
Dependent claims: 13, 14, 15, 16, 17, 18.

19. A method for an authority to provide authenticated information about revoked certificates, comprising the steps of:
(a) generating minimal data identifying the revoked certificates;
(b) generating information about the revoked certificates by only adding to the data one or more additional items that are shared by two or more of the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
(c) having the authority authenticate the information.
Dependent claims: 20, 21, 22, 23, 24, 25.

26. A method for an authority to provide authenticated information about revoked certificates, comprising the steps of:
(a) generating minimal data identifying the revoked certificates;
(b) generating information about the revoked certificates by adding to the data one or more first items that are shared among certificates of a proper subset of the revoked certificates and one or more second items that are shared among all the revoked certificates; and
(c) having the authority authenticate the information.
Dependent claims: 27, 28, 29, 30, 31, 32, 33.

34. A method for an authority to provide authenticated information about whether certificates have been revoked, comprising the steps of:
(a) generating a data string, wherein each of the certificates corresponds to a single bit of the data string and the value thereof indicates whether a corresponding one of the certificates has been revoked, wherein information contained in the data string is independent of issue dates of the certificates; and
(b) having the authority authenticate the data string.
Dependent claims: 35, 36, 37.

38. A method for an authority to provide authenticated information about whether certificates have been revoked, comprising the steps of:
(a) mapping at least one of the certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about whether the at least one of the certificates has been revoked, wherein information contained in the data string is independent of issue dates of the certificates; and
(b) having the authority authenticate the data string.
Dependent claims: 39.

40. A method for an authority to provide authenticated data about public key certificates, comprising the steps of:
(a) mapping at least one of the public key certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about the at least one certificate, wherein the information is independent of issue dates of the certificates; and
(b) having the authority authenticate the data string.
Dependent claims: 41.

42. A method for an authority to provide authenticated data about certificates, comprising the steps of:
(a) mapping each of the certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about the certificate, wherein the information is independent of issue dates of the certificates; and
(b) having the authority authenticate the data string.
Dependent claims: 43, 44.

45. A method for an authority to generate authenticated information about revoked certificates, comprising the steps of:
(a) generating data identifying the revoked certificates;
(b) generating compressed date information indicating a date of revocation for each of a first subgroup of the revoked certificates that contains at least one of the revoked certificates, wherein the compressed date information is independent of issue dates of certificates that are not revoked; and
(c) generating the authenticated information by authenticating at least one of: the data together with the compressed date information alone, the data together with compressed date information and other date information, and the date together with the compressed date information and other information.
Dependent claims: 46, 47, 48, 49, 50.

51. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive authenticated information generated by an authority wherein the authority has generated the authenticated information by the steps of:
  (a) generating data identifying the revoked certificates;
  (b) generating information about the revoked certificates including the data without including the revocation date of every one of the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
  (c) authenticating the information.
Dependent claims: 52, 53.

54. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive authenticated information generated by an authority wherein the authority has generated the authenticated information by the steps of:
  (a) generating minimal data identifying revoked certificates;
  (b) generating information about the revoked certificates only by adding to the data one or more additional items that are shared by all the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
  (c) having the authority authenticate the information.
Dependent claims: 55, 56.

57. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive authenticated information generated by an authority wherein the authority has generated the authenticated information by the steps of:
  (a) generating minimal data identifying revoked certificates;
  (b) generating information about the revoked certificates by only adding to the data one or more additional items that are shared by two or more of the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
  (c) having the authority authenticate the information.
Dependent claims: 58, 59.

60. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive authenticated information generated by an authority wherein the authority has generated the authenticated information by the steps of:
  (a) generating minimal data identifying revoked certificates;
  (b) generating information about the revoked certificates by adding to the data one or more first items that are shared among certificates of a proper subset of the revoked certificates and one or more second items that are shared among all the revoked certificates, wherein the information is independent of issue dates of the revoked certificates; and
  (c) having the authority authenticate the information.
Dependent claims: 61, 62.

63. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive an authenticated data string generated by an authority wherein the authority has generated the authenticated data string by the steps of:
  (a) mapping at least one of the certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about whether the at least one of the certificates has been revoked, wherein the information is independent of issue dates of the revoked certificates; and
  (b) having the authority authenticate the data string.
Dependent claims: 64, 65.

66. A method for an intermediary to prove information about public key certificates, comprising the steps of:
(a) causing a user to receive an authenticated data string generated by an authority wherein the authority has generated the authenticated data string by the steps of:
  (a) mapping at least one of the public key certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about the at least one certificate, wherein the information is independent of issue dates of the public key certificates; and
  (b) having the authority authenticate the data string.
Dependent claims: 67, 68.

69. A method for an intermediary to prove information about certificates, comprising the steps of:
(a) causing a user to receive authenticated data generated by an authority wherein the authority has generated the authenticated data by the steps of:
  (a) mapping each of the certificates to one or more bit positions in a data string and having values at the one or more bit positions convey information about the certificate, wherein information contained in the data string is independent of issue dates of the certificates; and
  (b) having the authority authenticate the data string.
Dependent claims: 70, 71.

72. A method for an intermediary to prove whether a certificate has been revoked, comprising the steps of:
(a) causing a user to receive authenticated information generated by an authority wherein the authority has generated the authenticated information by the steps of:
  (a) generating data identifying the revoked certificates;
  (b) generating compressed date information indicating a date of revocation for each of a first subgroup of the revoked certificates that contains at least one of the revoked certificates, wherein the compressed date information is independent of issue dates of the revoked certificates; and
  (c) generating the authenticated information by authenticating at least one of: the data together with the compressed date information alone, the data together with compressed date information and other date information, and the date together with the compressed date information and other information.
Dependent claims: 73, 74.
Specification