System and method for retrieving certificates associated with senders of digitally signed messages

US 7,886,144 B2
Filed: 10/29/2004
Issued: 02/08/2011
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method of retrieving certificates associated with senders of digitally signed electronic mail messages received at a user'"'"'s mobile computing device, wherein the method is performed by an application executing on the user'"'"'s computing device, the method comprising:

detecting, by the user'"'"'s mobile computing device, when an electronic mail message comprising a digital signature of the sender of the electronic mail message has arrived at the user'"'"'s mobile computing device;

identifying, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening, a certificate associated with the sender that comprises a public key capable of verifying the digital signature, wherein the certificate is not included in the electronic mail message;

determining, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening and prior to verifying the digital signature, whether the certificate is stored in a certificate store on the user'"'"'s mobile computing device, this being performed by the application without user intervention;

retrieving the certificate from a certificate store remotely located from the user'"'"'s mobile computing device if the certificate is determined to be not stored on the user'"'"'s mobile computing device;

verifying, by the user'"'"'s mobile computing device, the digital signature of the electronic mail message using the certificate, this being performed by the application without user intervention, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening;

generating an indicator for display at the user'"'"'s mobile computing device that indicates whether the digital signature is successfully verified;

verifying at least one certificate property of the certificate, this being performed by the application after the certificate is retrieved, without user intervention; and

generating an indicator for display at the user'"'"'s mobile computing device that indicates, for each of the at least one certificate property, a result of the verification of the respective certificate property.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for retrieving certificates and/or verifying the revocation status of certificates. In one embodiment, when a user opens a digitally signed message, a certificate that is required to verify the digital signature on the message may be automatically retrieved if it is not stored on the user'"'"'s computing device (e.g. a mobile device), eliminating the need for users to initiate the task manually. Verification of the digital signature may also be automatically performed by the application after the certificate is retrieved. Verification of the revocation status of a certificate may also be automatically performed if it is determined that the time that has elapsed since the status was last updated exceeds a pre-specified limit.

Citations

13 Claims

1. A method of retrieving certificates associated with senders of digitally signed electronic mail messages received at a user'"'"'s mobile computing device, wherein the method is performed by an application executing on the user'"'"'s computing device, the method comprising:
- detecting, by the user'"'"'s mobile computing device, when an electronic mail message comprising a digital signature of the sender of the electronic mail message has arrived at the user'"'"'s mobile computing device;
  
  identifying, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening, a certificate associated with the sender that comprises a public key capable of verifying the digital signature, wherein the certificate is not included in the electronic mail message;
  
  determining, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening and prior to verifying the digital signature, whether the certificate is stored in a certificate store on the user'"'"'s mobile computing device, this being performed by the application without user intervention;
  
  retrieving the certificate from a certificate store remotely located from the user'"'"'s mobile computing device if the certificate is determined to be not stored on the user'"'"'s mobile computing device;
  
  verifying, by the user'"'"'s mobile computing device, the digital signature of the electronic mail message using the certificate, this being performed by the application without user intervention, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening;
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates whether the digital signature is successfully verified;
  
  verifying at least one certificate property of the certificate, this being performed by the application after the certificate is retrieved, without user intervention; and
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates, for each of the at least one certificate property, a result of the verification of the respective certificate property.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the application is an electronic mail application.
  - 3. The method of claim 1, further comprising storing the certificate in a certificate store on the user'"'"'s mobile computing device.
  - 4. The method of claim 3, wherein said storing the certificate is performed by the application after the certificate is retrieved, without user intervention.
  - 5. The method of claim 1, wherein the at least one certificate property further comprises the trust status of the certificate.
  - 6. The method of claim 1, wherein the at least one certificate property further comprises one or more of the certificate properties selected from the following group:
    - the expiration status of the certificate, and the strength of the public key of the certificate.

7. A computer-readable storage device, comprising a plurality of instructions for an application, the application for execution on a user'"'"'s mobile computing device, the instructions for performing a method comprising:
- detecting, by the user'"'"'s mobile computing device, when an electronic mail message comprising a digital signature of the sender of the electronic mail message has arrived at the user'"'"'s mobile computing device;
  
  identifying, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening, a certificate associated with the sender that comprises a public key capable of verifying the digital signature, wherein the certificate is not included in the message;
  
  determining, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening and prior to verifying the digital signature, whether the certificate is stored in a certificate store on the user'"'"'s mobile computing device, this being performed by the application without user intervention;
  
  retrieving the certificate from a certificate store remotely located from the user'"'"'s mobile computing device if the certificate is determined to be not stored on the user'"'"'s mobile computing device;
  
  verifying, by the user'"'"'s mobile computing device, the digital signature of the electronic mail message using the certificate, this being performed by the application without user intervention, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening;
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates whether the digital signature is successfully verified;
  
  verifying at least one certificate property of the certificate, this being performed by the application after the certificate is retrieved, without user intervention; and
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates, for each of the at least one certificate property, a result of the verification of the respective certificate property.

8. A system for retrieving certificates associated with senders of digitally signed electronic mail messages, the system comprising:
- a user'"'"'s mobile computing device, including a processor and a memory, on which an application is installed;
  
  wherein execution of the application causes the processor to perform acts of a method comprising;
  
  detecting, by the user'"'"'s mobile computing device, when an electronic mail message comprising a digital signature of the sender of the electronic mail message has arrived at the user'"'"'s mobile computing device;
  
  identifying, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening, a certificate associated with the sender that comprises a public key capable of verifying the digital signature, wherein the certificate is not included in the electronic mail message;
  
  determining, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening and prior to verifying the digital signature, whether the certificate is stored in a certificate store on the user'"'"'s mobile computing device, this being performed by the application without user intervention;
  
  retrieving the certificate from a certificate store remotely located from the user'"'"'s mobile computing device if the certificate is determined to be not stored on the user'"'"'s mobile computing device;
  
  verifying, by the user'"'"'s mobile computing device, the digital signature of the electronic mail message using the certificate, this being performed by the application without user intervention, when the electronic mail message arrives at the user'"'"'s mobile computing device before the electronic mail message is user-selected for opening;
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates whether the digital signature is successfully verified;
  
  verifying at least one certificate property of the certificate, this being performed by the application after the certificate is retrieved, without user intervention; and
  
  generating an indicator for display at the user'"'"'s mobile computing device that indicates, for each of the at least one certificate property, a result of the verification of the respective certificate property.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, wherein the application is an electronic mail application.
  - 10. The system of claim 8, wherein the acts of the method further comprise storing the certificate in a certificate store on the user'"'"'s mobile computing device.
  - 11. The system of claim 10, wherein said storing the certificate is performed by the application after the certificate is retrieved, without user intervention.
  - 12. The system of claim 8, wherein the at least one certificate property further comprises the trust status of the certificate.
  - 13. The system of claim 8, wherein the at least one certificate property further comprises one or more of the certificate properties selected from the following group:
    - the expiration status of the certificate, and the strength of the public key of the certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Adams, Neil P., Brown, Michael S., Brown, Michael K., Kirkup, Michael G., Little, Herbert A.
Primary Examiner(s)
Pyzocha; Michael
Assistant Examiner(s)
PHAM, LUU T

Application Number

US10/975,987
Publication Number

US 20060112419A1
Time in Patent Office

2,293 Days
Field of Search

726/5
US Class Current

713/156
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

System and method for retrieving certificates associated with senders of digitally signed messages

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for retrieving certificates associated with senders of digitally signed messages

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links