Sending digitally signed emails via a web-based email system
Abstract
The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.
15 Claims
1. A system, comprising:
- a PKI email account website displayed on a client computer and hosted on one or more computers in a network, wherein the client computer does not store or recall PKI keys and wherein the PKI email account website is dedicated to creating one or more PKI email accounts and is configured to:
  i) receive a PKI email account request from a user of the PKI email account website, wherein the PKI email account request is the only interaction required by the user to create the one or more PKI email accounts;
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website and wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website;
  iii) receive and install a certificate issued and signed by the certificate authority;
  iv) create the one or more PKI email accounts, wherein the one or more PKI email accounts are configured to access one or more cryptographic functions, without transmitting PKI digital keys through the network, to securely receive and transmit email, wherein the one or more PKI email accounts are accessible to an email website displayed on the client computer or on any computer connected to the Internet and wherein the email website is configured to read and send email messages; and
  v) digitally sign email transmitted from the email website by accessing the one or more PKI email accounts, upon request of the user that the email messages be digitally signed.
(Dependent claims: 2, 3, 4, 5, 6)
7. A method comprising the steps of:
a) hosting a PKI email account website on one or more computers in a network, wherein the PKI email account website is dedicated to creating a PKI email account and is configured to:
  i) receive a PKI email account request from a user, wherein the PKI email account request is the only interaction required by the user to create the PKI email account;
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website and wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website;
  iii) receive and install a certificate issued and signed by the certificate authority;
  iv) create the PKI email account configured to access one or more cryptographic functions, without transmitting one or more PKI digital keys through the network, to securely receive and transmit email, wherein the PKI email account is accessible to an email website displayed on a client computer or on any computer connected to the Internet, wherein the email website is configured to read and send email messages and wherein the client computer is not relied on to store or recall PKI keys;
b) receiving an email drafted by the user;
c) receiving a request from the user to digitally sign the email;
d) digitally signing the email using a private key generated for the user; and
e) sending the digitally signed email via an email server communicatively coupled to the PKI email account website and integrated with the certificate authority.
(Dependent claims: 8, 9, 10, 11)
12. A method comprising the steps of:
a) hosting a PKI email account website on one or more computers in a network, wherein the PKI email account website is dedicated to creating a PKI email account and is configured to:
  i) receive a PKI email account request from a user, wherein the PKI email account request is the only interaction required by the user to create the PKI email account;
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website and wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website;
  iii) receive and install a certificate issued and signed by the certificate authority;
  iv) create the PKI email account configured to access one or more cryptographic functions, without transmitting one or more PKI digital keys through the network, to securely receive and transmit mail, wherein the PKI email account is accessible to an email website configured to read and send email messages displayed on a client computer, or any computer connected to the Internet, and wherein the client computer is not relied on to store or recall PKI keys;
b) receiving an email drafted by the user;
c) receiving a request from the user to digitally sign the email using the certificate received from the certificate authority and stored with a private key in an integrated keystore system comprising a data storage on one or more computers in the network;
d) digitally signing the email; and
e) transmitting the email to a designated recipient.
(Dependent claims: 13, 14, 15)
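The flow recited in claims 7 and 12 (account request, server-side key generation, CSR, issuance by a co-hosted CA, keystore storage, signing on request) can be walked through with the `openssl` command line. This is an added illustration, not code from the patent or its assignee; the addresses, file names and function names are constructed, and a temporary directory stands in for the keystore system.

```bash
#!/usr/bin/env bash
# Added illustration of the claimed flow with the openssl CLI (not the patent's code).
# Addresses, file names and function names are constructed for this example.
set -eu

KEYSTORE=$(mktemp -d)        # server-side keystore; mktemp -d creates it mode 0700
trap 'rm -rf "$KEYSTORE"' EXIT

# CA hosted next to the webmail service: a self-signed root, key kept server-side.
init_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Constructed Webmail CA" \
    -keyout "$KEYSTORE/ca.key" -out "$KEYSTORE/ca.crt" 2>/dev/null
}

# Steps i) to iv): one account request triggers key generation, the CSR,
# issuance by the CA without further checks, and storage in the keystore.
create_account() {   # $1 = email address
  openssl req -new -newkey rsa:2048 -nodes \
    -subj "/CN=$1/emailAddress=$1" \
    -keyout "$KEYSTORE/$1.key" -out "$KEYSTORE/$1.csr" 2>/dev/null
  openssl x509 -req -in "$KEYSTORE/$1.csr" -days 30 \
    -CA "$KEYSTORE/ca.crt" -CAkey "$KEYSTORE/ca.key" -CAcreateserial \
    -out "$KEYSTORE/$1.crt" 2>/dev/null
  chmod 600 "$KEYSTORE/$1.key"
}

# Signing on request: the server signs the draft with the stored key (S/MIME).
sign_mail() {        # $1 = address, $2 = draft file, $3 = signed output
  openssl smime -sign -text -in "$2" \
    -signer "$KEYSTORE/$1.crt" -inkey "$KEYSTORE/$1.key" -out "$3"
}

# Recipient side: needs only the CA certificate, never any private key.
verify_mail() {      # $1 = signed message
  openssl smime -verify -in "$1" -CAfile "$KEYSTORE/ca.crt" \
    -out /dev/null 2>/dev/null
}

init_ca
create_account "alice@example.test"
printf 'Please pay 100 EUR to the usual account.\n' > "$KEYSTORE/draft.txt"
sign_mail "alice@example.test" "$KEYSTORE/draft.txt" "$KEYSTORE/signed.eml"
verify_mail "$KEYSTORE/signed.eml" && echo "signature verifies against the CA"
```

Because the private key lives in the service's keystore and not on the client, a signature produced this way shows that the message was signed through that account on the service. Access control on the keystore and on the account login is therefore what protects the signing identity.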
Specification