Obtaining and maintaining real time certificate status
Abstract
An Identity System obtains and maintains real time certificate status. The Identity System retrieves real time status information for the System's certificates and stores a record of the status. The Identity System also stores validation information for the certificate, including the time the real time status was retrieved and a validation interval of time extending from the status retrieval time. Smaller validation intervals reduce the potential for the real time status changing during the validation interval. When the Identity System exports or displays a certificate for a user, the Identity System can employ the stored validation information and certificate status to ensure the certificate's validity.
32 Claims
1. A method comprising the steps of:
- retrieving a certificate and a real time status for the certificate from a certificate authority;
- storing the certificate and said real time status in an identity system, wherein the certificate authority is external to the identity system;
- storing validation information for said certificate in the identity system, wherein said validation information includes an identifier of a time said real time status was retrieved and a validation interval for said real time status;
- receiving at the identity system a request to export the certificate;
- determining with the identity system whether to check a status for said certificate, wherein determining whether to check the status for the certificate comprises querying a parameter field in the identity system; and
- in response to determining to check the status for said certificate, determining with the identity system whether to check the status for the certificate in real time, wherein determining whether to check the status for the certificate in real time comprises querying a parameter field in the identity system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. One or more processor readable storage devices having processor readable code embodied on said one or more processor readable storage devices, said processor readable code for programming one or more processors to perform a method comprising the steps of:
- retrieving a certificate and a real time status for the certificate from a certificate authority;
- storing the certificate and said real time status in an identity system, wherein the certificate authority is external to the identity system;
- storing validation information for said certificate in the identity system, wherein said validation information includes an identifier of a time said real time status was retrieved and a validation interval for said real time status;
- receiving at the identity system a request to export the certificate;
- determining with the identity system whether to check a status for said certificate, wherein determining whether to check the status for the certificate comprises querying a parameter field in the identity system; and
- in response to determining to check the status for said certificate, determining with the identity system whether to check the status for the certificate in real time, wherein determining whether to check the status for the certificate in real time comprises querying a parameter field in the identity system.

Dependent claims: 12, 13, 14, 15, 16

17. A method comprising:
- retrieving a certificate and a real time status for the certificate from a certificate authority;
- storing the certificate and the real time status in an identity system, wherein the certificate authority is external to the identity system;
- storing validation information for the certificate in the identity system, wherein the validation information includes an identifier of a time the real time status was retrieved and a validation interval for the real time status;
- receiving at the identity system a request to export the certificate;
- determining with the identity system whether to check a status for the certificate;
- in response to determining to not check the status for the certificate, exporting the certificate from the identity system without checking the status for the certificate;
- in response to determining to check the status for the certificate, determining with the identity system whether to check the status for the certificate in real time; and
- in response to determining to check the status for the certificate in real time, retrieving a new real time status for the certificate from the certificate authority.

Dependent claims: 18, 19, 20, 21, 22, 23, 24

25. One or more processor readable storage devices having processor readable code embodied on said one or more processor readable storage devices, said processor readable code for programming one or more processors to perform a method comprising:
- retrieving a certificate and a real time status for the certificate from a certificate authority;
- storing the certificate and the real time status in an identity system, wherein the certificate authority is external to the identity system;
- storing validation information for the certificate in the identity system, wherein the validation information includes an identifier of a time the real time status was retrieved and a validation interval for the real time status;
- receiving at the identity system a request to export the certificate;
- determining with the identity system whether to check a status for the certificate;
- in response to determining to not check the status for the certificate, exporting the certificate from the identity system without checking the status for the certificate;
- in response to determining to check the status for the certificate, determining with the identity system whether to check the status for the certificate in real time; and
- in response to determining to check the status for the certificate in real time, retrieving a new real time status for the certificate from the certificate authority.

Dependent claims: 26, 27, 28, 29, 30, 31, 32

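The export decision in claims 17 and 25, combined with the validation interval described in the abstract, sketched as an added Python example (not code from the patent). The class and field names, the stubbed CA lookup, and the refusal of an export once the stored status is older than its validation interval are assumptions of this example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Callable, Dict, Tuple

@dataclass
class CertRecord:
    certificate: str                # placeholder text standing in for the certificate
    status: str                     # "valid" or "revoked", as last reported by the CA
    retrieved_at: datetime          # time the real time status was retrieved
    validation_interval: timedelta  # how long that stored status is relied on

class IdentitySystem:
    def __init__(self, ca_status: Callable[[str], str],
                 check_status: bool, check_real_time: bool):
        self.ca_status = ca_status              # external CA status lookup (stubbed below)
        self.check_status = check_status        # parameter field: check status at all?
        self.check_real_time = check_real_time  # parameter field: ask the CA on export?
        self.store: Dict[str, CertRecord] = {}

    def enroll(self, cert_id: str, certificate: str, interval: timedelta, now: datetime):
        self.store[cert_id] = CertRecord(certificate, self.ca_status(cert_id), now, interval)

    def export(self, cert_id: str, now: datetime) -> Tuple[bool, str]:
        rec = self.store[cert_id]
        if not self.check_status:
            return True, "exported without status check"
        if self.check_real_time:  # retrieve and store a new real time status
            rec.status, rec.retrieved_at = self.ca_status(cert_id), now
            return rec.status == "valid", f"real time status: {rec.status}"
        # Stored-status path. Assumption of this example: a status older than its
        # validation interval is treated as unknown and the export is refused.
        if now > rec.retrieved_at + rec.validation_interval:
            return False, "stored status outside validation interval"
        return rec.status == "valid", f"stored status: {rec.status}"

# Constructed scenario: the CA revokes the certificate 10 minutes after enrollment.
def demo(interval_minutes: int, check_real_time: bool, export_after_minutes: int):
    t0 = datetime(2024, 1, 1, 12, 0)
    clock = {"now": t0}
    def ca(cert_id: str) -> str:
        return "revoked" if clock["now"] >= t0 + timedelta(minutes=10) else "valid"
    ids = IdentitySystem(ca, check_status=True, check_real_time=check_real_time)
    ids.enroll("alice", "<certificate placeholder>", timedelta(minutes=interval_minutes), t0)
    clock["now"] = t0 + timedelta(minutes=export_after_minutes)
    return ids.export("alice", clock["now"])

if __name__ == "__main__":
    for args in [(60, False, 30), (5, False, 30), (60, True, 30)]:
        print(args, demo(*args))
```

With a 60-minute interval the stored-status path still exports a certificate the CA revoked 20 minutes earlier; the 5-minute interval and the real time check both stop that export, which is the trade-off the abstract attributes to smaller validation intervals.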
Specification