Method and apparatus for obtaining status of public key certificate updates
Abstract
A method and apparatus for public key certificate updates is accomplished when a user of a secured communications system provides, from time to time, a public key certificate update subscription update to a server. The public key certificate update subscription information identifies at least one subscriber subject (i.e., another end-user) that the user desires to obtain real time public key updates when they occur. In response to the subscription information, the server monitors public key certificates of the at least one subscriber subject. When a change occurs to the public key certificate of the at least one subscriber, the server provides an indication of the change to the requesting user. As such, while the user is on-line with the secured communications system, the server can provide the user with real-time updates of subscriber subjects' encryption public key certificates and/or signature public key certificates. In addition, or as an alternative, to providing the subscription information, the user may provide an indication of a local replica of the public key certificates that it has stored to the server. Upon receiving the replica, the server determines whether the user's replica is consistent with the system's most current public key certificates of the subscriber subjects. If the user's replica is consistent with the current public key certificate, the server provides no response to the user or provides a response indicating that the user's list is current. If, however, the user's replica is not consistent with the current public key certificate, the server provides an indication of the differences to the user. The indication allows the user to update its local lists to be consistent with the most current public key certificate list.
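The subscription push and the replica consistency check described in the abstract, sketched as an added example (not code from the patent). The patent does not say what form the "indication of a local replica" takes; the per-subject SHA-256 fingerprints, the class and method names, and the byte strings standing in for certificates are all assumptions.

```python
import hashlib
from collections import defaultdict

def fingerprint(cert: bytes) -> str:
    # Assumed form of the "indication of a local replica": SHA-256 per certificate.
    return hashlib.sha256(cert).hexdigest()

class CertUpdateServer:  # hypothetical name
    def __init__(self):
        self.current = {}                    # subject -> current certificate bytes
        self.subscribers = defaultdict(set)  # subject -> users who subscribed to it
        self.outbox = defaultdict(list)      # user -> queued (subject, cert) notices

    def subscribe(self, user, subjects):
        for subject in subjects:
            self.subscribers[subject].add(user)

    def publish(self, subject, cert):
        """Record a certificate change and notify every subscriber of that subject."""
        if self.current.get(subject) == cert:
            return  # no change, nothing to indicate
        self.current[subject] = cert
        for user in self.subscribers[subject]:
            self.outbox[user].append((subject, cert))

    def check_replica(self, replica):
        """replica maps subject -> fingerprint of the user's cached certificate.
        Returns only the differences; an empty dict means the replica is current."""
        diff = {}
        for subject, fp in replica.items():
            cert = self.current.get(subject)
            if cert is not None and fingerprint(cert) != fp:
                diff[subject] = cert
        return diff

def demo():
    # Constructed sample data: byte strings stand in for DER-encoded certificates.
    server = CertUpdateServer()
    server.publish("bob", b"bob-cert-v1")
    server.publish("carol", b"carol-cert-v1")
    cache = {"bob": b"bob-cert-v1", "carol": b"carol-cert-v1"}  # alice's local replica
    server.subscribe("alice", cache)
    server.publish("bob", b"bob-cert-v2")      # change while alice is subscribed
    pushed = list(server.outbox["alice"])
    # Alice reconnects with the stale cache and sends fingerprints, not certificates.
    diff = server.check_replica({s: fingerprint(c) for s, c in cache.items()})
    cache.update(diff)
    recheck = server.check_replica({s: fingerprint(c) for s, c in cache.items()})
    return pushed, diff, recheck

if __name__ == "__main__":
    print(demo())
```

A client would still validate each returned certificate against its own trust anchors before replacing the cached copy.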
27 Claims
1. A method for obtaining certificate status changes, the method comprising the steps of:
a) generating, by an end user, certificates update subscription information that includes at least identity of a plurality of subscriber subjects that the end user is interested in and their associated public keys, and providing the certificates update subscription information to a server;
b) providing an indication of a local replica of current certificates for those subscriber subjects that the end user has a desire to communicate with to the server while on-line with the server;
c) receiving an indication of updated certificate for those subscriber subjects that the end user has a desire to communicate with, from the server when the updated certificate is inconsistent with the local replica of the current certificates; and
d) while on-line, receiving an indication of a newly updated certificate from the server, wherein the newly updated certificate relates to information of interest as identified in the certificates update subscription information.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for providing certificate updates, the method comprises the steps of:
a) generating, by an end user, certificate update subscription information that includes at least identity of a plurality of subscriber subjects that the end user is interested in and their associated public keys and receiving the certificate update subscription information from the user, wherein the certificate update subscription information includes current certificates for those subscriber subjects that the end user has a desire to communicate with, at least one of identity of at least one of subscriber subject, a public key certificate of the at least one subscriber subjects, an attribute certificate of the subscriber subject, identity of a certification authority and a cross-certificate;
b) monitoring certificate of the at least one subscriber subject;
c) when a change occurs to the certificate, providing an indication of the change to the user, the method further comprising receiving an indication of a user replica of the certificate from the user, when the user is on-line;
determining whether the user replica of the certificate is consistent with server replica of the certificate; and
when the user replica of the certificate is inconsistent with the server replica of the certificate, providing an indication of the server replica of the certificate to the user.
Dependent claims: 9, 10, 11, 12, 13

14. A method for obtaining public key certificate updates, the method comprising the steps of:
a) generating, by a user, certificate update subscription information that includes at least identity of at least one subscriber subject that the end user is interested in and their associated public keys, and providing by the user, the public key certificate update subscription information to a server, wherein the public key certificate update subscription information identifies at least one subscriber subject that the end user is interested in and their associated public keys;
b) monitoring, by the server, public key certificate of the at least one subscriber subject;
c) when a change occurs to the public key certificate, providing, by the server, an indication of the change to the user;
d) while on-line, receiving, by the user, the indication of the change; and
e) determining, by the user, newly updated public key certificate based on the indication of the change;
f) providing, by the user, an indication of a local replica of public key certificate to the server while on-line with the server;
g) determining, by the server, whether the local replica of the public key certificate is inconsistent with current public key certificate of the at least one subscriber subject; and
h) when the local replica of the public key certificate is inconsistent with the current public key certificate, providing, by the server, an indication of a difference between the local replica of the public key certificate and the current public key certificate.

15. A user of secure communication system, wherein the user comprises:
processing unit; and
memory operably coupled to the processing unit, wherein the memory stores programming instructions that, when read by the processing unit, causes the processing unit to
(a) generate certificate update subscription information that includes at least identity of at least one subscriber subject that the user is interested in and their associated public keys, and provide the public key certificate update subscription information to a server;
(b) provide an indication of a local replica of current certificate for those subscriber subjects that the end user has a desire to communicate with to the server while on-line with the server;
(c) receive updated certificate from the server when the updated certificate is inconsistent with the local replica of the current certificate; and
(d) while on-line, receive newly updated certificate from the server, wherein the newly updated certificate relates to information of interest as identified in the certificate update subscription information.
Dependent claims: 16, 17, 18, 19, 20, 21

22. A server of secure communication system, wherein the server comprises:
processing unit;
memory operably coupled to the processing unit, wherein the memory stores programming instructions that, when read by the processing unit, causes the processing unit to
(a) generate by a user certificate update subscription information that includes at least identity of at least one subscriber subject that the end user is interested in and their associated public keys, and receive the certificate update subscription information from the user, wherein the certificate update subscription information for those subscriber subjects that the end-user has a desire to communicate with includes at least one of:
identity of at least one of subscriber subject, a public key certificate of the at least one subscriber subject, an attribute certificate of the subscriber subject, identity of a certification authority and a cross-certificate;
(b) monitor certificate of the at least one subscriber subject and the certification authority;
(c) provide an indication of a change to the user when the change occurs to the certificate; and
(i) receive an indication of a user replica of the certificate from the user, when the user is on-line;
(ii) determine whether the user replica of the certificate is consistent with server replica of the certificate; and
(iii) provide an indication of the server replica of the certificate to the user when the user replica of the certificate is inconsistent with the server replica of the certificate.
Dependent claims: 23, 24, 25, 26, 27
Specification