Method for revoking a digital signature
First Claim
1. A method, implemented by a server computer system programmed to perform the following, comprising:
- generating, by the server computer system, a signature revocation list to indicate revocation status of a signature used by a signer to sign a document, the signature comprising a signing certificate issued by a trusted authority and the document that has been hashed by a hash function and encrypted by a private key of the signer of the document;
- computing, by the server computer system, an identifier of the signature in the signature revocation list based on contents of the signature; and
- publishing, by the server computer system, the signature revocation list for access by users of the document.
Abstract
A method and apparatus for revoking a digital signature using a signature revocation list. In one embodiment, the method includes generating the signature revocation list to indicate revocation status of a signature. The signature is created from an encryption key and a document. The method also includes computing an identifier of the signature in the signature revocation list based on contents of the signature. The method further includes publishing the signature revocation list for access by users of the document.
25 Claims
1. Independent method claim, reproduced in full under First Claim above.
Dependent claims: 2 to 10.
11. A system comprising:
- data storage to store a signature revocation list to indicate revocation status of a signature used by a signer to sign a document, the signature comprising a signing certificate issued by a trusted authority and the document that has been hashed by a hash function and encrypted by a private key of the signer of the document; and
- a revocation server computer system coupled to the data storage to generate the signature revocation list in which the signature is to be identified based on contents of the signature, and to publish the signature revocation list for access by users of the document.
Dependent claims: 12 to 17.
18. A non-transitory computer readable storage medium including instructions that, when executed by a processing system, cause the processing system to perform a method comprising:
- generating a signature revocation list to indicate revocation status of a signature used by a signer to sign a document, the signature comprising a signing certificate issued by a trusted authority and the document that has been hashed by a hash function and encrypted by a private key of the signer of the document;
- computing an identifier of the signature in the signature revocation list based on contents of the signature; and
- publishing the signature revocation list for access by users of the document.
Dependent claims: 19 and 20.
21. A method, implemented by a client computer system programmed to perform the following, comprising:
- receiving, by the client computer system, a document and a signature used by a signer to sign the document, the signature comprising a signing certificate issued by a trusted authority and the document that has been hashed by a hash function and encrypted by a private key of the signer of the document;
- submitting, by the client computer system, a request for verifying the signature, the request including an identifier computed from contents of the signature; and
- receiving, by the client computer system, a response to the request, the response indicating validity of the signature.
Dependent claims: 22 and 23.
24. A non-transitory computer readable storage medium including instructions that, when executed by a processing system, cause the processing system to perform a method comprising:
- receiving a query identifying a signature used by a signer to sign a document, the signature comprising a signing certificate issued by a trusted authority and the document that has been hashed by a hash function and encrypted by a private key of the signer of the document;
- determining whether the signature is in a signature revocation list that indicates revocation status of a plurality of signatures; and
- responding to the query by indicating validity of the signature.
Dependent claims: 25.
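The independent claims together describe one protocol: a signer produces a signature (certificate plus the hashed document encrypted under the signer's private key), a revocation server keys its signature revocation list by an identifier derived from the signature's own contents and publishes the list, and a client verifies the signature cryptographically and then checks that identifier against the server. The following is an added illustration of that flow, not code from the patent or its assignee. It assumes a toy textbook RSA with two fixed Mersenne primes and no padding (present only so the signature object has real contents to hash; a deployment would use a vetted signature library), a constructed trusted-authority name, and constructed sample documents. The point it makes that the claims leave implicit: because the identifier is computed from the signature contents rather than from the key, revoking one signature leaves other signatures by the same signer valid.

```python
"""Signature revocation list (SRL) in the shape the claims describe.

Added example, not the patent's code. The RSA below is textbook RSA with
fixed Mersenne primes and no padding, an assumption made for illustration.
"""
import hashlib
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Toy key pair (assumption: fixed primes, illustration only; N exceeds 2^256,
# so a SHA-256 digest read as an integer is always below the modulus).
_P = (1 << 127) - 1
_Q = (1 << 521) - 1
N = _P * _Q
E = 65537
D = pow(E, -1, (_P - 1) * (_Q - 1))

TRUSTED_AUTHORITY = "Example Trusted Authority"  # constructed name


def _digest_int(document: bytes) -> int:
    """Hash the document and read the digest as an integer."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign_document(document: bytes, signer: str) -> dict:
    """The signature object of the claims: a signing certificate plus the
    hashed document 'encrypted' with the signer's private key."""
    cert = {"subject": signer, "issuer": TRUSTED_AUTHORITY, "n": N, "e": E}
    return {"cert": cert, "value": pow(_digest_int(document), D, N)}


def signature_identifier(signature: dict) -> str:
    """Identifier computed from the contents of the signature itself, so two
    signatures by the same signer over different documents get distinct ids."""
    canonical = json.dumps(signature, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def signature_matches_document(signature: dict, document: bytes) -> bool:
    """Cryptographic check: recover the hash with the certificate's public
    key and compare it with a fresh hash of the document."""
    cert = signature["cert"]
    if cert["issuer"] != TRUSTED_AUTHORITY:
        return False
    return pow(signature["value"], cert["e"], cert["n"]) == _digest_int(document)


@dataclass
class RevocationServer:
    """Server side (claims 1, 11, 24): maintains and publishes the SRL and
    answers per-signature validity queries."""
    entries: dict = field(default_factory=dict)  # identifier -> reason

    def revoke(self, signature: dict, reason: str) -> str:
        ident = signature_identifier(signature)
        self.entries[ident] = reason
        return ident

    def publish(self) -> str:
        """The published SRL as JSON a client can fetch and check offline."""
        srl = {"issued": datetime.now(timezone.utc).isoformat(),
               "revoked": [{"id": i, "reason": r}
                           for i, r in sorted(self.entries.items())]}
        return json.dumps(srl)

    def query(self, identifier: str) -> str:
        """Answer a query that identifies one signature (claim 24)."""
        return "revoked" if identifier in self.entries else "good"


def client_verify(document: bytes, signature: dict, server: RevocationServer) -> str:
    """Client side (claim 21): check the signature against the document, then
    ask the revocation server about this exact signature by its identifier."""
    if not signature_matches_document(signature, document):
        return "invalid"
    status = server.query(signature_identifier(signature))
    return "valid" if status == "good" else "revoked"


def revoked_ids_in_published_list(published_srl: str) -> set:
    """Offline path: read identifiers out of a published SRL."""
    return {entry["id"] for entry in json.loads(published_srl)["revoked"]}


if __name__ == "__main__":
    server = RevocationServer()
    contract = b"constructed sample document: contract v1"
    addendum = b"constructed sample document: addendum v1"
    sig_contract = sign_document(contract, "alice@example.test")
    sig_addendum = sign_document(addendum, "alice@example.test")
    print(client_verify(contract, sig_contract, server))         # valid
    server.revoke(sig_contract, "signer repudiated the document")
    print(client_verify(contract, sig_contract, server))         # revoked
    print(client_verify(addendum, sig_addendum, server))         # valid
    print(client_verify(contract + b"!", sig_contract, server))  # invalid
```

The identifier is hashed over a canonical serialization of the whole signature object, certificate included, so the same list entry cannot be matched by a signature value moved under a different certificate; a client that cannot reach the server reads the published JSON with `revoked_ids_in_published_list` instead of calling `query`.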
Specification