Tools for generating PKI email accounts
First Claim
1. A system comprising:
a) a client computer communicatively coupled to a network and operated by a user, wherein the client computer does not store or recall PKI keys;
b) an email server communicatively coupled to the network;
c) a PKI email account website hosted on one or more computers in the network, communicatively coupled to the email server, and configured to;
i) receive a PKI email account request from the user;
ii) generate and send a keypair generation request to a keystore system; and
iii) create a PKI email account for the user, wherein the PKI email account is configured to access one or more cryptographic functions stored in the keystore system to securely receive and transmit mail, wherein the PKI email account is accessible to a client-based email software and wherein the client-based email software is configured to read and send email messages; and
d) the keystore system comprising a keypair generation software and a data storage hosted on the one or more computers, and configured to;
i) generate and send a certificate signing request comprising the public key and a distinguished name, without interaction from the user and responsive to the keypair generation request, to a certificate authority, wherein the certificate authority automatically trusts one or more certificate signing requests from the keystore system and wherein the certificate authority is hosted on the one or more computers hosting the keystore system; and
ii) receive, install and store a signed certificate from the certificate authority.
Abstract
The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.
17 Claims
Claim 1 is set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17.