Provisions for validating content using a content registration authority
First Claim
1. A method that implements a registration-based validation of content using a content registration authority, the method comprising:
- purchasing content from a content publisher using a client interaction functionality;
receiving a package at a client device that contains the content and a stamp for the content, the stamp including a content identifier and a certificate that leads to a chain of certificates for validating the content; and
validating the content by determining that the content is trustworthy at least when a final certificate in the chain of certificates points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than the content publisher.
2 Assignments
0 Petitions
Accused Products
Abstract
Strategies are described for validating content transferred over a communication channel using a more effective approach than heretofore provided in the art. A content registration authority is provided which registers the content disseminated by one or more content providers to one or more client devices. A client device which receives content that has been registered can securely consume the content, based on an assumption that a content provider which furnishes the content is entrusted by the content registration authority to provide the content, and without prompting a user of the client device to expressly approve the content provider. In a first solution, the content registration authority registers the content by issuing a certification stamp; in a second solution, the content registration authority registers the content by storing registration information in a central repository. The content may contain instructions which perform operations in the context of an instant messenger application.
-
Citations
20 Claims
-
1. A method that implements a registration-based validation of content using a content registration authority, the method comprising:
-
purchasing content from a content publisher using a client interaction functionality; receiving a package at a client device that contains the content and a stamp for the content, the stamp including a content identifier and a certificate that leads to a chain of certificates for validating the content; and validating the content by determining that the content is trustworthy at least when a final certificate in the chain of certificates points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than the content publisher. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. One or more computer-readable storage media having computer-readable instructions thereon which, when executed by a client device, directs the client device to perform operations comprising:
-
implementing an instant message communication session; receiving a package at the client device containing an instant messaging feature and a stamp for the instant messaging feature from another client device during the instant message communication session, the stamp including certificate information for validating the instant messaging feature; and validating the instant messaging feature by determining that the instant message feature is trustworthy at least when a final certificate in a chain of certificates included in the certification information points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than a content publisher of the instant messaging feature. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method, comprising:
-
registering content as trustworthy at a content registration authority that is trusted by a client device by storing a content identifier of the content in a registration data store of the content registration authority; receiving a request from the client device that stores the content to validate the content as trustworthy; and confirming that the content is trustworthy at least when a final certificate in a chain of certificates included in certification information of the content points to the content registration authority that is trusted by the client device, the final certificate is a certificate that the client device is encoded to accept as a trusted root, and the registration data store includes a stored content identifier corresponding to the content identifier of the content, wherein the content registration authority is different than the content publisher of the content. - View Dependent Claims (17, 18, 19, 20)
-
Specification