Receiving encrypted emails via a web-based email system
Abstract
The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.
16 Claims
1. A system, comprising:
a) a public key infrastructure email account website hosted on one or more computers in a network, wherein the public key infrastructure email account website is dedicated to creating a public key infrastructure email account and is configured to;
i) receive a public key infrastructure email account request from a user, wherein the public key infrastructure email account request is the only interaction required by the user to create the public key infrastructure email account;
ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the public key infrastructure email account website and wherein the certificate authority is hosted on the one or more computers hosting the public key infrastructure email account website;
iii) receive and install a certificate issued and signed by the certificate authority;
iv) create the public key infrastructure email account configured to access one or more cryptographic functions to securely receive and transmit mail, wherein the public key infrastructure email account is accessible to a first email website displayed on a client computer communicatively coupled to the network and wherein the client computer is not relied on to store or recall public key infrastructure keys;
b) an email server communicatively coupled to the network and the public key infrastructure email account website and configured to encrypt and decrypt email received and transmitted between the first email website and a second email website, using the certificate and a public key for the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method comprising the steps of:
a) hosting a public key infrastructure email account website on one or more computers in a network, wherein the public key infrastructure email account website is dedicated to creating a public key infrastructure email account and is configured to;
i) receive a public key infrastructure email account request from a user, wherein the public key infrastructure email account request is the only interaction required by the user to create the public key infrastructure email account;
ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the public key infrastructure email account website and wherein the certificate authority is hosted on the one or more computers hosting the public key infrastructure email account website;
iii) receive and install a certificate issued and signed by the certificate authority;
iv) create the public key infrastructure email account configured to access one or more cryptographic functions to securely receive and transmit mail, wherein the public key infrastructure email account is accessible to an email website displayed on a client computer communicatively coupled to the network and wherein the client computer is not relied on to store or recall public key infrastructure keys;
b) generating a private key for the user, without interaction from the user, on an email server wherein the email server and the certificate authority are integrated, and share hardware and software resources
c) receiving an encrypted email directed to the user;
d) decrypting the encrypted email using the private key; and
e) displaying the decrypted email on the client computer.
Dependent claims: 11, 12, 13

14. A method comprising the steps of:
a) hosting a public key infrastructure email account website on one or more computers in a network, wherein the public key infrastructure email account website is dedicated to creating a public key infrastructure email account and is configured to;
i) receive a public key infrastructure email account request from a user, wherein the public key infrastructure email account request is the only interaction required by the user to create the public key infrastructure email account;
ii) generate and send a certificate signing request to a certificate authority which does not interact with the user, wherein the certificate authority automatically trusts one or more certificate signing requests from the public key infrastructure email account website and wherein the certificate authority is hosted on the one or more computers hosting the public key infrastructure email account website;
iii) receive and install a certificate issued and signed by the certificate authority;
iv) create a public key infrastructure account comprising a public key and a private key for the user, wherein the public key infrastructure account is configured to access one or more cryptographic functions, without transmitting one or more public key infrastructure digital keys through the network, to securely receive and transmit mail, wherein the public key infrastructure account is accessible to a first email website displayed on a client computer, or any computer connected to the Internet, and wherein the client computer is not relied on to store or recall public key infrastructure keys;
b) storing the public key in a data storage on one or more computers in the network;
c) receiving a request from a desktop email client or a second email website to encrypt an email and send the email to the user;
d) encrypting the email using the public key;
e) decrypting the email using the private key; and
f) sending and displaying, on the client computer, the decrypted email.
Dependent claims: 15, 16
Specification