Method and apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary
First Claim
1. A computer-implemented method for securely exchanging cryptographic identities through a mutually trusted intermediary computer, the method comprising:
- receiving, at the trusted intermediary computer, from a petitioner computer, data that specifies:
  - a first cryptographic identity of the petitioner computer,
  - a first resource identifier identifying a first location where the petitioner computer is located, and
  - an input receiving entity for accepting input, from a particular entity at the trusted intermediary computer, that specifies a second resource identifier identifying a second location where an authority computer is located;
- receiving, at the trusted intermediary computer, from the particular entity, the input that specifies the second resource identifier identifying the second location where the authority computer is located, and to which the trusted intermediary computer is to send the data received from the petitioner computer;
- sending, from the trusted intermediary computer, the first cryptographic identity and the first resource identifier to the authority computer at the second location indicated by the second resource identifier;
- receiving, from the authority computer, data that specifies a second cryptographic identity of the authority computer and the first resource identifier and the second resource identifier; and
- sending, from the trusted intermediary computer, the second cryptographic identity and the second resource identifier to the petitioner computer at the first location indicated by the first resource identifier.
Abstract
A method of securely exchanging cryptographic identities through a mutually trusted intermediary is disclosed. Data, which specifies a petitioner's cryptographic identity and a petitioner's resource identifier, is received. Input, which specifies an authority's resource identifier, is received. The petitioner's cryptographic identity and the petitioner's resource identifier are sent to a destination that is associated with the authority's resource identifier. Data, which specifies the authority's cryptographic identity, is received. The authority's cryptographic identity is sent to a destination that is associated with the petitioner's resource identifier.
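The message flow in the abstract, as an added Python sketch that is not part of the patent. It assumes identities are key-fingerprint strings and resource identifiers are URLs (all sample values constructed), reduces the input-receiving entity to a method call, and adds a pending-petition check on the authority's reply that the abstract does not itself state.

```python
from dataclasses import dataclass, field

@dataclass
class Party:
    """Petitioner or authority: a location plus a cryptographic identity."""
    resource_id: str   # assumed to be a URL
    identity: str      # assumed to be a public-key fingerprint
    peers: dict = field(default_factory=dict)  # resource_id -> identity learned

@dataclass
class Intermediary:
    """Relay trusted by both sides; `directory` stands in for network delivery."""
    directory: dict                              # resource_id -> Party
    pending: dict = field(default_factory=dict)  # petitioner RI -> open petition

    def receive_petition(self, identity, petitioner_ri):
        # Petitioner's identity and resource identifier arrive.
        self.pending[petitioner_ri] = {"identity": identity, "authority_ri": None}

    def receive_input(self, petitioner_ri, authority_ri):
        # An entity at the intermediary names the authority; forward the data there.
        entry = self.pending[petitioner_ri]
        entry["authority_ri"] = authority_ri
        authority = self.directory[authority_ri]
        authority.peers[petitioner_ri] = entry["identity"]
        # The authority answers with its identity and both resource identifiers.
        return self.receive_reply(authority.identity, petitioner_ri,
                                  authority.resource_id)

    def receive_reply(self, authority_identity, petitioner_ri, authority_ri):
        # Assumed check: reply must match an open petition and the chosen authority.
        entry = self.pending.get(petitioner_ri)
        if entry is None or entry["authority_ri"] != authority_ri:
            return False
        # Deliver the authority's identity to the petitioner's location.
        self.directory[petitioner_ri].peers[authority_ri] = authority_identity
        del self.pending[petitioner_ri]
        return True

def run_exchange():
    # Constructed sample parties for illustration only.
    petitioner = Party("https://petitioner.example/enroll", "fp:petitioner-aaaa")
    authority = Party("https://authority.example/ca", "fp:authority-bbbb")
    relay = Intermediary({p.resource_id: p for p in (petitioner, authority)})
    relay.receive_petition(petitioner.identity, petitioner.resource_id)
    ok = relay.receive_input(petitioner.resource_id, authority.resource_id)
    return ok, petitioner, authority, relay
```
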
20 Claims
1. A computer-implemented method for securely exchanging cryptographic identities through a mutually trusted intermediary computer, the method comprising:
- receiving, at the trusted intermediary computer, from a petitioner computer, data that specifies:
  - a first cryptographic identity of the petitioner computer,
  - a first resource identifier identifying a first location where the petitioner computer is located, and
  - an input receiving entity for accepting input, from a particular entity at the trusted intermediary computer, that specifies a second resource identifier identifying a second location where an authority computer is located;
- receiving, at the trusted intermediary computer, from the particular entity, the input that specifies the second resource identifier identifying the second location where the authority computer is located, and to which the trusted intermediary computer is to send the data received from the petitioner computer;
- sending, from the trusted intermediary computer, the first cryptographic identity and the first resource identifier to the authority computer at the second location indicated by the second resource identifier;
- receiving, from the authority computer, data that specifies a second cryptographic identity of the authority computer and the first resource identifier and the second resource identifier; and
- sending, from the trusted intermediary computer, the second cryptographic identity and the second resource identifier to the petitioner computer at the first location indicated by the first resource identifier.

Dependent claims: 2, 3, 4, 5
6. An apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary computer, comprising:
- means for receiving, at the trusted intermediary computer, from a petitioner computer, data that specifies:
  - a first cryptographic identity of the petitioner computer,
  - a first resource identifier identifying a first location where the petitioner computer is located, and
  - an input receiving entity for accepting input, from a particular entity at the trusted intermediary computer, that specifies a second resource identifier identifying a second location where an authority computer is located;
- means for receiving, at the trusted intermediary computer, from the particular entity, the input that specifies the second resource identifier identifying the second location where the authority computer is located, and to which the trusted intermediary computer is to send the data received from the petitioner computer;
- means for sending, from the trusted intermediary computer, the first cryptographic identity and the first resource identifier to the authority computer at the second location indicated by the second resource identifier;
- means for receiving, from the authority computer, data that specifies a second cryptographic identity of the authority computer and the first resource identifier and the second resource identifier; and
- means for sending, from the trusted intermediary computer, the second cryptographic identity and the second resource identifier to the petitioner computer at the first location indicated by the first resource identifier.

Dependent claims: 7, 8, 9, 10
11. A volatile or non-volatile computer-readable medium carrying one or more sequences of instructions for securely exchanging cryptographic identities through a mutually trusted intermediary computer, which instructions, when executed by one or more processors, cause the one or more processors to perform:
- receiving, at the trusted intermediary computer, from a petitioner computer, data that specifies:
  - a first cryptographic identity of the petitioner computer,
  - a first resource identifier identifying a first location where the petitioner computer is located, and
  - an input receiving entity for accepting input, from a particular entity at the trusted intermediary computer, that specifies a second resource identifier identifying a second location where an authority computer is located;
- receiving, at the trusted intermediary computer, from the particular entity, the input that specifies the second resource identifier identifying the second location where the authority computer is located, and to which the trusted intermediary computer is to send the data received from the petitioner computer;
- sending, from the trusted intermediary computer, the first cryptographic identity and the first resource identifier to the authority computer at the second location indicated by the second resource identifier;
- receiving, from the authority computer, data that specifies a second cryptographic identity of the authority computer and the first resource identifier and the second resource identifier; and
- sending, from the trusted intermediary computer, the second cryptographic identity and the second resource identifier to the petitioner computer at the first location indicated by the first resource identifier.

Dependent claims: 12, 13, 14, 15
16. An apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary computer, comprising:
- a network interface that is coupled to a data network for receiving one or more packet flows therefrom;
- a processor; and
- one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
  - receiving, at the trusted intermediary computer, from a petitioner computer, data that specifies:
    - a first cryptographic identity of the petitioner computer,
    - a first resource identifier identifying a first location where the petitioner computer is located, and
    - an input receiving entity for accepting input, from a particular entity at the trusted intermediary computer, that specifies a second resource identifier identifying a second location where an authority computer is located;
  - receiving, at the trusted intermediary computer, from the particular entity, the input that specifies the second resource identifier identifying the second location where the authority computer is located, and to which the trusted intermediary computer is to send the data received from the petitioner computer;
  - sending, from the trusted intermediary computer, the first cryptographic identity and the first resource identifier to the authority computer at the second location indicated by the second resource identifier;
  - receiving, from the authority computer, data that specifies a second cryptographic identity of the authority computer and the first resource identifier and the second resource identifier; and
  - sending, from the trusted intermediary computer, the second cryptographic identity and the second resource identifier to the petitioner computer at the first location indicated by the first resource identifier.

Dependent claims: 17, 18, 19, 20
Specification