Public key certification providing apparatus
Abstract
A host communicates with a gateway, a DHCP server or a PPP peer of ISP to determine an IPv6 address, also receives a public key certificate from the gateway, the DHCP server or the PPP peer of ISP, and sends a public key certificate including an IPv6 address to a communication counterpart. The host receives a new public key certificate from the gateway, the DHCP server or the PPP peer of ISP when necessary.
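The check a communication counterpart can run on such a certificate, as an added example that is not taken from the patent: verify the authenticating service provider's signature on the server's key, verify the server's signature over the client's key and temporary address, then compare the certified address with the packet's source address. Toy textbook RSA over known primes stands in for the signature scheme, which the claims leave open; the field names, the placeholder client key and the sample addresses are assumptions.

```python
import hashlib, ipaddress, json

E = 65537  # public exponent for both toy keys

def keygen(p, q):
    """Toy textbook RSA from two known primes; returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(fields, n):
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(fields, n, d):
    """Sign `fields` with the issuer's private exponent."""
    return {"fields": fields, "sig": pow(digest(fields, n), d, n)}

def verify(cert, n):
    return pow(cert["sig"], E, n) == digest(cert["fields"], n)

def check_peer(cert, source_addr, ca_n):
    """Destination-side check of a first-public-key certificate."""
    server_cert = cert["fields"]["server_cert"]
    if not verify(server_cert, ca_n):                 # CA vouches for the server key
        return "reject: server key not certified"
    if not verify(cert, server_cert["fields"]["n"]):  # server vouches for key + address
        return "reject: bad server signature"
    # Compare parsed addresses: one IPv6 address has many textual spellings.
    if ipaddress.ip_address(cert["fields"]["ip"]) != ipaddress.ip_address(source_addr):
        return "reject: address mismatch"
    return "accept"

# Constructed sample data (Mersenne primes keep the toy keys reproducible).
CA_N, CA_D = keygen(2**107 - 1, 2**127 - 1)      # authenticating service provider
SRV_N, SRV_D = keygen(2**61 - 1, 2**89 - 1)      # gateway / DHCP server / PPP peer
SERVER_CERT = issue({"subject": "isp-gateway", "n": SRV_N}, CA_N, CA_D)
CLIENT_CERT = issue({"ip": "2001:db8::1", "client_pub": "constructed-placeholder",
                     "server_cert": SERVER_CERT}, SRV_N, SRV_D)

def tampered(cert, **changes):
    """Copy of a certificate with fields altered after signing."""
    return {"fields": {**cert["fields"], **changes}, "sig": cert["sig"]}

if __name__ == "__main__":
    print(check_peer(CLIENT_CERT, "2001:0db8:0:0:0:0:0:1", CA_N))
    print(check_peer(CLIENT_CERT, "2001:db8::2", CA_N))
    print(check_peer(tampered(CLIENT_CERT, ip="2001:db8::2"), "2001:db8::2", CA_N))
```

The keys here are far too small and unpadded for real use; the point is the order of the three checks and the address comparison on parsed values rather than strings.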
25 Claims
1. A server system including a processor connected to a network, comprising:
acquisition means for acquiring a temporary IP address of a client;
generation means for generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
sending means for sending the certificate of the first public key generated by said generation means to the temporary IP address of the client,
wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 2, 3, 4, 11, 12, 13
5. A method for providing a public key certificate generated by a server system including a processor connected to a network, comprising:
acquiring a temporary IP address of a client;
generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network;
generating a digital signature based on a second secret key where the second secret key is generated by the server system;
generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
providing the client connected to the network with the generated certificate of the first public key;
wherein the certificate of the first public key is sent by the client to a destination, and the temporary IP address of the client is confirmed by the destination based on the temporary IP address included in the certificate of the first public key, and the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 6, 7, 8, 14, 15, 16, 23
9. A server system including a processor comprising, in a subnet, providing means which provides a client in the subnet with a prefix for an IP address of the client and with a certificate of a first public key, further comprising:
acquisition means for acquiring a temporary IP address of a client;
generation means for generating the first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating the certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
sending means for sending the certificate of the first public key generated by said generation means to the temporary IP address of the client,
wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 17, 18
10. A server system including a processor comprising:
first connection means for executing connection with the Internet;
second connection means for executing connection with a client via a local network;
acquisition means for acquiring a temporary IP address of a client;
generation means for generating a first public key in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, for generating a digital signature based on a second secret key where the second secret key is generated by the server system, and for generating a certificate of the first public key where the certificate of the first public key includes the temporary IP address of the client, a certificate of a second public key, and the digital signature of which legitimacy can be confirmed with the second public key where the second public key is generated by the server system; and
sending means for sending the certificate of the first public key to the temporary IP address of the client,
wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 19, 20
21. A communication apparatus connected to a network, comprising:
reception means for receiving a certificate of a first public key from a server system including a processor connected to the network, the certificate of the first public key includes a temporary IP address of the communication apparatus, a certificate of a second public key, and a digital signature of which legitimacy can be confirmed with the second public key, wherein the first public key is generated by the server system in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, and the digital signature is generated by the server system based on a second secret key where the second secret key is generated by the server system;
confirming means for confirming the legitimacy of the digital signature with the second public key; and
informing means for informing the certificate of the first public key to a communication partner in order to identify the temporary IP address of the communication apparatus based on the temporary IP address of the communication apparatus included in the certificate of the first public key,
wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 24
22. A communication method for a communication apparatus connected to a network, comprising steps of:
receiving a certificate of a first public key from a server system including a processor connected to the network, the certificate of the first public key includes a temporary IP address of the communication apparatus, a certificate of a second public key, and a digital signature of which legitimacy can be confirmed with the second public key, wherein the first public key is generated by the server system in accordance with a public parameter such that the first public key is usable corresponding to a first secret key of the client connected to the network, and the digital signature is generated by the server system based on a second secret key where the second secret key is generated by the server system;
confirming the legitimacy of the digital signature with the second public key; and
informing the certificate of the first public key to a communication partner in order to identify the temporary IP address of the communication apparatus based on the temporary IP address of the communication apparatus included in the certificate of the first public key,
wherein the certificate of the second public key is issued by an authenticating service provider to the server system when the server system submits the second public key to the authenticating service provider.
Dependent claims: 25
Specification