Sending digitally signed emails via a web-based email system

US 8,145,707 B2
Filed: 07/19/2005
Issued: 03/27/2012
Est. Priority Date: 07/19/2005
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a PKI email account website displayed on a client computer and hosted on one or More computers in a network, wherein the client computer does not store or recall PKI keys and wherein the PKI email account website is dedicated to creating one or more PKI email accounts and is configured to;

i) receive a PKI email account request from a user of the PKI email account website, wherein the PKI email account request is the only interaction required by the user to create the one or more PKI email accounts;

ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website and wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website;

iii) receive and install a certificate issued and signed by the certificate authority;

iv) create the one or more PKI email accounts, wherein the one or more PKI email accounts are configured to access one or more cryptographic functions, without transmitting PKI digital keys through the network, to securely receive and transmit email, wherein the one or more PKI email accounts are accessible to an email website displayed on the client computer or on any computer connected to the Internet and wherein the email website is configured to read and send email messages; and

v) digitally sign email transmitted from the email website by accessing the one or more PKI email accounts, upon request of the user that the email messages be digitally signed.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.

35 Citations

View as Search Results

15 Claims

1. A system, comprising:
- a PKI email account website displayed on a client computer and hosted on one or More computers in a network, wherein the client computer does not store or recall PKI keys and wherein the PKI email account website is dedicated to creating one or more PKI email accounts and is configured to;
  
  i) receive a PKI email account request from a user of the PKI email account website, wherein the PKI email account request is the only interaction required by the user to create the one or more PKI email accounts;
  
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website and wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website;
  
  iii) receive and install a certificate issued and signed by the certificate authority;
  
  iv) create the one or more PKI email accounts, wherein the one or more PKI email accounts are configured to access one or more cryptographic functions, without transmitting PKI digital keys through the network, to securely receive and transmit email, wherein the one or more PKI email accounts are accessible to an email website displayed on the client computer or on any computer connected to the Internet and wherein the email website is configured to read and send email messages; and
  
  v) digitally sign email transmitted from the email website by accessing the one or more PKI email accounts, upon request of the user that the email messages be digitally signed.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the PKI email account website further comprises an integrated keystore system accessible to a plurality of other email systems.
  - 3. The system of claim 1, further comprising a keystore system accessible by one or more email systems via the network.
  - 4. The system of claim 1, further comprising an integrated keystore system.
  - 5. The system of claim 1, wherein the PKI email account website accesses a private key of one of the users from a keystore system and digitally signs an email by one of the users using the private key.
  - 6. The system of claim 1, further comprising a keystore system, wherein the keystore system accesses a private key of one of the users and digitally signs an email by one of the users using the private key.

7. A method comprising the steps of:
- a) hosting a PKI email account website on one or more computers in a network, wherein the PKI email account website is dedicated to creating a PKI email account and is configured to;
  
  i) receive a PKI email account request from a user, wherein the PKI email account request is the only interaction required by the user to create the PKI email account;
  
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the PKI email account website and wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website;
  
  iii) receive and install a certificate issued and signed by the certificate authority;
  
  iv) create the PKI email account configured to access one or more cryptographic functions, without transmitting one or more PKI digital keys through the network, to securely receive and transmit email, wherein the PKI email account is accessible to an email website displayed on a client computer or on any computer connected to the Internet, wherein the email website is configured to read and send email messages and wherein the client computer is not relied on to store or recall PKI keys;
  
  b) receiving an email drafted by the user;
  
  c) receiving a request from the user to digitally sign the email;
  
  d) digitally signing the email using a private key generated for the user; and
  
  e) sending the digitally signed email via an email server communicatively coupled to the PKI email account website and integrated with the certificate authority.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein a keystore system is integrated with the PKI email account website and is accessible to a plurality of other email systems.
  - 9. The method of claim 7, wherein the private key never goes to the client computer.
  - 10. The method of claim 7, wherein the private key never leaves the PKI email account website.
  - 11. The method of claim 7, wherein the private key is never revealed to the user.

12. A method comprising the steps of:
- a) hosting a PKI email account website on one or more computers in a network, wherein the PKI email account website is dedicated to creating a PKI email account and is configured to;
  
  i) receive a PKI email account request from a user, wherein the PKI email account request is the only interaction required by the user to create the PKI email account;
  
  ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority is hosted on the one or more computers hosting the PKI email account website and wherein the certificate authority to automatically trusts one or more certificate signing requests from the PKI email account website;
  
  iii) receive and install a certificate issued and signed by the certificate authority;
  
  iv) create the PKI email account configured to access one or more cryptographic functions, without transmitting one or more PKI digital keys through the network, to securely receive and transmit mail, wherein the PKI email account is accessible to an email website configured to read and send email messages displayed on a client computer, or any computer connected to the Internet, and wherein the client computer is not relied on to store or recall PKI keys;
  
  b) receiving an email drafted by the user;
  
  c) receiving a request from the user to digitally sign the email using the certificate received from the certificate authority and stored with a private key in an integrated keystore system comprising a data storage on one or more computers in the network;
  
  d) digitally signing the email; and
  
  e) transmitting the email to a designated recipient.
- View Dependent Claims (13, 14, 15)
- - 13. The method of claim 12, wherein the certificate authority and the integrated keystore system have a network connection with the PKI email account website.
  - 14. The method of claim 12, wherein the private key is never revealed to the user.
  - 15. The method of claim 12, wherein the private key is only revealed to either the PKI email account website or the keystore system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Go Daddy Operating Company LLC (GoDaddy, Inc.)
Original Assignee
Go Daddy Operating Company LLC (GoDaddy, Inc.)
Inventors
Thayer, Wayne, Owen, Brad
Primary Examiner(s)
Nguyen, Phuoc
Assistant Examiner(s)
John, Clarence

Application Number

US11/184,259
Publication Number

US 20070022291A1
Time in Patent Office

2,443 Days
Field of Search

709/206, 709/204, 380/277, 380/281, 713/155, 713/156, 713168-170, 713/182, 726 26- 28, 726/30
US Class Current

709/204
CPC Class Codes

H04L 51/00   User-to-user messaging in p...

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 9/006   involving public key infras...

H04L 9/3263   involving certificates, e.g...

Sending digitally signed emails via a web-based email system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Sending digitally signed emails via a web-based email system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links