Peer-to-peer SMIME mechanism
Abstract
A method and apparatus for sending a self-asserted certificate is described. A mail client of a sender is configured to generate a public and private key pair, to create a self-signed certificate, and to form an introduction message addressed to a recipient to enable use of the self-signed certificate prior to corresponding with the recipient. A mail client of a recipient is configured to display an indicator of a receipt of the introduction message from the sender. The indicator comprises a user interface query to the recipient to verify and accept the sender-signed certificate in response to receiving the introduction message from the sender.
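An added sketch (not code from the patent) of the password-bound authenticated attribute that claim 1 forms and claim 8 checks on receipt. It substitutes an HMAC keyed by a PBKDF2-derived key for the claims' PBE of the certificate hash, because the Python standard library ships no cipher; the function names, SHA-256, the iteration count and the placeholder certificate bytes are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; the claims do not specify one


def _proof_key(password: str, salt: bytes) -> bytes:
    # Stretch the user-selected password into a 32-byte key.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_introduction(cert_der: bytes, password: str) -> dict:
    """Sender side: bind the hash of the self-signed certificate to the password."""
    salt = os.urandom(16)
    cert_hash = hashlib.sha256(cert_der).digest()
    proof = hmac.new(_proof_key(password, salt), cert_hash, hashlib.sha256).digest()
    return {"certificate": cert_der, "salt": salt, "proof": proof}


def accept_certificate(message: dict, typed_password: str) -> bool:
    """Recipient side: recompute the proof over the certificate that actually arrived."""
    cert_hash = hashlib.sha256(message["certificate"]).digest()
    key = _proof_key(typed_password, message["salt"])
    expected = hmac.new(key, cert_hash, hashlib.sha256).digest()
    return hmac.compare_digest(expected, message["proof"])  # constant-time compare


def demo() -> dict:
    # Constructed placeholders; a real client would use DER-encoded X.509 bytes.
    sender_cert = b"constructed placeholder: sender self-signed certificate"
    other_cert = b"constructed placeholder: certificate swapped in transit"
    password = "shared-by-phone-1846"  # constructed out-of-band password
    intro = make_introduction(sender_cert, password)
    swapped = dict(intro, certificate=other_cert)
    return {
        "right_password": accept_certificate(intro, password),
        "wrong_password": accept_certificate(intro, "a-wrong-guess"),
        "swapped_certificate": accept_certificate(swapped, password),
    }


if __name__ == "__main__":
    print(demo())
```

The proof travels in the same message as the certificate, so anyone who captures the message can test password guesses offline; the strength of the password and the key-stretching cost bound how much assurance the check gives.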
33 Claims
1. A computer-implemented method comprising:
- generating, by a mail client of a sender client device, a public and private key pair;
- generating, by the mail client, a self-signed certificate of a sender that includes the public key of the public and private key pair, wherein the sender acts as its own certificate of authenticity issuer for the self-signed certificate;
- forming, by the mail client, an introduction message comprising the self-signed certificate of the sender and an authenticated attribute, the introduction message addressed to a recipient, wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message; and
- sending, by the mail client, the introduction message to the recipient;
- wherein when the introduction message is received at a mail client of the recipient, the introduction message triggers the mail client of the recipient to provide a user interface that queries the recipient to confirm the user-selected password for the introduction message and to accept the self-signed certificate upon confirmation of the user-selected password.
8. A computer-implemented method comprising:
- receiving, by a mail client of a recipient client device, an introduction message from a sender to a recipient that utilizes the mail client, the introduction message comprising a public key of the sender, a sender-signed certificate, and an authenticated attribute, wherein the sender acts as a certificate of authenticity issuer for the sender-signed certificate, and wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message;
- displaying, by the mail client, an indication that the introduction message has been received;
- generating, by the mail client, a user interface to the recipient, the user interface configured to:
  - query the recipient to confirm the user-selected password for the introduction message; and
  - accept the sender-signed certificate upon confirmation of the user-selected password; and
- receiving, by the mail client from the recipient via the user interface, an indication that the recipient has accepted the sender-signed certificate.
13. A non-transitory computer-accessible storage medium including data that, when accessed by a computer system, cause the computer system to perform a method comprising:
- generating, by a mail client of a sender client device, a public and private key pair;
- generating, by the mail client, a self-signed certificate of a sender that includes the public key of the public and private key pair, wherein the sender acts as its own certificate of authenticity issuer for the self-signed certificate;
- forming, by the mail client, an introduction message comprising the self-signed certificate of the sender and an authenticated attribute, the introduction message addressed to a recipient, wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message; and
- sending, by the mail client, the introduction message to the recipient;
- wherein when the introduction message is received at a mail client of the recipient, the introduction message triggers the mail client of the recipient to provide a user interface that queries the recipient to confirm the user-selected password for the introduction message and to accept the self-signed certificate upon confirmation of the user-selected password.
20. A non-transitory computer-accessible storage medium including data that, when accessed by a computer system, cause the computer system to perform a method comprising:
- receiving, at a mail client of a recipient client device, an introduction message from a sender to a recipient that utilizes the mail client, the introduction message comprising a public key of the sender, a sender-signed certificate, and an authenticated attribute, wherein the sender acts as a certificate of authenticity issuer for the sender-signed certificate, and wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message;
- displaying, by the mail client, an indication that the introduction message has been received;
- generating, by the mail client, a user interface to the recipient, the user interface configured to:
  - query the recipient to confirm the user-selected password for the introduction message; and
  - accept the sender-signed certificate upon confirmation of the user-selected password; and
- receiving, by the mail client from the recipient via the user interface, an indication that the recipient has accepted the sender-signed certificate.
25. A client computer system comprising:
- a memory; and
- a processing device to execute a mail client from the memory, the mail client configured to:
  - generate a public and private key pair;
  - create a self-signed certificate of a sender that includes the public key of the public and private key pair, wherein the sender acts as its own certificate of authenticity issuer for the self-signed certificate;
  - form an introduction message comprising the self-signed certificate of the sender and an authenticated attribute, the introduction message addressed to a recipient, wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message; and
  - send the introduction message to the recipient;
  - wherein when the introduction message is received at a mail client of the recipient, the introduction message triggers the mail client of the recipient to provide a user interface that queries the recipient to confirm the user-selected password for the introduction message and to accept the self-signed certificate upon confirmation of the user-selected password.
30. A client computer system comprising:
- a memory; and
- a processing device to execute a mail client from the memory, the mail client configured to:
  - receive an introduction message from a sender to a recipient that uses the mail client, the introduction message comprising a public key of the sender, a sender-signed certificate, and an authenticated attribute, wherein the sender acts as a certificate of authenticity issuer for the sender-signed certificate, and wherein the authenticated attribute is out of band proof comprising a password-based encryption (PBE) of a hash of the self-signed certificate that is based on a user-selected password for the introduction message;
  - display an indication that the introduction message has been received;
  - generate a user interface to the recipient, the user interface configured to:
    - query the recipient to confirm the user-selected password for the introduction message; and
    - accept the sender-signed certificate upon confirmation of the user-selected password; and
  - receive, from the recipient via the user interface, an indication that the recipient has accepted the sender-signed certificate.
Specification