Pushing certificate chains to remote devices
Abstract
Rather than managing a certificate chain related to a newly issued identity certificate at a terminal to which a wireless device occasionally connects, a certificate server can act to determine the identity certificates in a certificate chain related to the newly issued identity certificate. The certificate server can also act to obtain the identity certificates and transmit the identity certificates towards the device that requested the newly issued identity certificate. A mail server may receive the newly issued identity certificate and the identity certificates in the certificate chain and manage the timing of the transmittal of the identity certificates. By transmitting the identity certificates in the certificate chain before transmitting the newly issued identity certificate, the mail server allows the user device to verify the authenticity of the newly issued identity certificate.
11 Claims
1. A method of handling a newly issued identity certificate, said method comprising:
receiving, at a certificate server, said newly issued identity certificate for use by a user device, said newly issued identity certificate generated by a certificate authority;
responsive to said receiving, determining, at said certificate server, a certificate chain related to said newly issued identity certificate, said certificate chain including an identity certificate associated with said certificate authority;
responsive to said determining, obtaining, at said certificate server, each identity certificate in said certificate chain;
responsive to said obtaining, transmitting, from said certificate server, each said identity certificate to a database, where said database is external to said user device; and
transmitting, at said certificate server, said newly issued identity certificate to said database.
Dependent claims: 2, 3, 4, 5

6. A certificate server comprising:
a processor and a memory device configured to:
receive a newly issued identity certificate for use by a user device, said newly issued identity certificate generated by a certificate authority;
responsive to said receiving, determine a certificate chain related to said newly issued identity certificate, said certificate chain including an identity certificate associated with said certificate authority;
responsive to said determining, obtain each identity certificate in said certificate chain;
responsive to said obtaining, transmit each said identity certificate to a database; and
transmit said newly issued identity certificate to said database, wherein said database is external to said user device.

7. A non-transitory computer readable medium containing computer-executable instructions that, when performed by a processor, cause said processor to:
receive a newly issued identity certificate for use by a user device, said newly issued identity certificate generated by a certificate authority;
responsive to said receiving, determine a certificate chain related to said newly issued identity certificate, said certificate chain including an identity certificate associated with said certificate authority;
responsive to said determining, obtain each identity certificate in said certificate chain;
responsive to said obtaining, transmit each said identity certificate to a database; and
transmit said newly issued identity certificate to said database, wherein said database is external to said user device.

8. A method of handling a newly issued identity certificate on behalf of a particular user device, said method comprising:
obtaining, at an email server, said newly issued identity certificate, wherein said newly issued identity certificate is associated with a certificate chain defined as a set of identity certificates;
responsive to said obtaining, determining, at said email server, a first subset of said set, said first subset including all of said identity certificates, in said set, that have previously been transmitted to said particular user device;
responsive to said obtaining, determining, at said email server, a second subset of said set, said subset including all of said identity certificates, in said set, that have not previously been transmitted to said particular user device;
responsive to said determining said second subset, transmitting, from said email server to said particular user device, each identity certificate in said second subset; and
transmitting, to said particular user device, said newly issued identity certificate.
Dependent claims: 9

10. An email server comprising:
a processor and a memory device configured to:
obtain a newly issued identity certificate, wherein said newly issued identity certificate is associated with a certificate chain defined as a set of identity certificates;
responsive to said obtaining, determine a first subset of said set, said first subset including all of said identity certificates, in said set, that have previously been transmitted to said particular user device;
responsive to said obtaining, determine a second subset of said set, said subset including all of said identity certificates, in said set, that have not previously been transmitted to said particular user device;
responsive to said determining said second subset, transmit, to said particular user device, each identity certificate in said second subset; and
transmit, to said particular user device, said newly issued identity certificate.

11. A non-transitory computer readable medium containing computer-executable instructions that, when performed by a processor, cause said processor to:
obtain a newly issued identity certificate, wherein said newly issued identity certificate is associated with a certificate chain defined as a set of identity certificates;
responsive to said obtaining, determine a first subset of said set, said first subset including all of said identity certificates, in said set, that have previously been transmitted to said particular user device;
responsive to said obtaining, determine a second subset of said set, said subset including all of said identity certificates, in said set, that have not previously been transmitted to said particular user device;
responsive to said determining said second subset, transmit, to said particular user device, each identity certificate in said second subset; and
transmit, to said particular user device, said newly issued identity certificate.
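
The following sketch is an added illustration, not code from the patent or its assignee. It models the chain determination described in the abstract and the first-subset/second-subset split of claim 8. The Cert record, the function names, the fingerprint placeholders and the root-first send order are assumptions made for the example; the page itself only requires that the chain certificates be sent before the newly issued one.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    fingerprint: str  # constructed placeholder, not a real hash

def determine_chain(new_cert, store):
    """Certificate-server step: walk issuer links from the new cert up to a
    self-signed root. `store` maps subject -> Cert. Name chaining only; a real
    server would also verify each signature and validity period."""
    chain, seen, current = [], {new_cert.subject}, new_cert
    while current.issuer != current.subject:
        parent = store.get(current.issuer)
        if parent is None:
            raise LookupError(f"issuer not found: {current.issuer}")
        if parent.subject in seen:
            raise ValueError(f"issuer loop at: {parent.subject}")
        seen.add(parent.subject)
        chain.append(parent)
        current = parent
    return chain  # nearest issuer first, root last

def plan_push(new_cert, chain, sent_fingerprints):
    """Mail-server step: split the chain into certificates the device already
    holds (first subset) and those it lacks (second subset), then queue the
    missing ones root-first with the new certificate last."""
    first = [c for c in chain if c.fingerprint in sent_fingerprints]
    second = [c for c in chain if c.fingerprint not in sent_fingerprints]
    queue = list(reversed(second)) + [new_cert]
    return first, second, queue

# Constructed sample data (hypothetical names).
ROOT = Cert("Example Root CA", "Example Root CA", "fp-root")
INTER = Cert("Example Issuing CA", "Example Root CA", "fp-inter")
LEAF = Cert("user@example.com", "Example Issuing CA", "fp-leaf")
STORE = {c.subject: c for c in (ROOT, INTER)}

def demo():
    # The device was sent the root earlier, so only the intermediate is pushed.
    chain = determine_chain(LEAF, STORE)
    _, _, queue = plan_push(LEAF, chain, sent_fingerprints={"fp-root"})
    return [c.subject for c in queue]

if __name__ == "__main__":
    print(demo())
```

Tracking what was sent per device by fingerprint rather than by subject name keeps a reissued CA certificate with the same name from being treated as already delivered.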
Specification