×

Verifying cryptographic identity during media session initialization

  • US 8,200,959 B2
  • Filed: 06/28/2007
  • Issued: 06/12/2012
  • Est. Priority Date: 06/28/2007
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving, through a network interface of an authentication agent, a media initialization message requesting a media session for the exchange of real-time media with a remote endpoint, the media initialization message asserting an identity and comprising a plurality of fields and a signature, the signature formed by encrypting a portion of the fields with a first private key associated with a trusted source other than the endpoint, the plurality of fields including at least one unsigned field not in the portion of the fields, the unsigned field indicating a source address of the remote endpoint;

    verifying the signature using a first public key corresponding to the first private key, the first public key associated with the trusted source, the verification of the signature confirming that the identity was authenticated by the trusted source;

    receiving a certificate including a second public key;

    verifying that the certificate is consistent with data in the media initialization message;

    confirming the identity of the remote endpoint by receiving confirmation that the remote endpoint knows a second private key corresponding to the second public key; and

    in response to confirming the identity, exchanging the real-time media with the remote endpoint.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×