Streamlined process for enrollment of multiple digital certificates

US 8,468,583 B2
Filed: 02/23/2010
Issued: 06/18/2013
Est. Priority Date: 02/23/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a processing device associated with a certificate authority (CA), a request from a client to purchase a plurality of certificates;

receiving common contact information, payment information and a plurality of certificate signing requests from the client;

generating the plurality of certificates by the processing device responsive to the request for the plurality of certificates, the generating comprising;

generating a first certificate using the common contact information and a first cryptographic algorithm specified in a first certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the first certificate; and

generating a second certificate using the common contact information and a second cryptographic algorithm specified in a second certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the second certificate; and

transmitting the plurality of certificates to the client;

wherein the receiving of the request and the transmitting of the plurality of certificates are performed during a single enrollment process.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The enrollment process for purchasing multiple digital certificates configured using different cryptographic algorithms or hashing algorithms is streamlined. A certificate purchaser wishing to purchase two or more certificates is prompted to provide answers to common enrollment questions, such as the purchaser'"'"'s contact information, payment details, web server software, and the like, using a simplified and streamlined enrollment process. Each certificate is optionally configured using a different hashing algorithm.

Citations

16 Claims

1. A method comprising:
- receiving, by a processing device associated with a certificate authority (CA), a request from a client to purchase a plurality of certificates;
  
  receiving common contact information, payment information and a plurality of certificate signing requests from the client;
  
  generating the plurality of certificates by the processing device responsive to the request for the plurality of certificates, the generating comprising;
  
  generating a first certificate using the common contact information and a first cryptographic algorithm specified in a first certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the first certificate; and
  
  generating a second certificate using the common contact information and a second cryptographic algorithm specified in a second certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the second certificate; and
  
  transmitting the plurality of certificates to the client;
  
  wherein the receiving of the request and the transmitting of the plurality of certificates are performed during a single enrollment process.
- View Dependent Claims (2, 3, 10)
- - 2. The method of claim 1 wherein the first cryptographic algorithm is an ECC algorithm, and wherein the second cryptographic algorithm is an RSA algorithm.
  - 3. The method of claim 1 further comprising:
    - generating the first certificate using a first hashing algorithm; and
      
      generating the second certificate using a second hashing algorithm.
  - 10. The method of claim 1, further comprising:
    - responsive to receiving the request to purchase the plurality of certificates, prompting the client to supply the common contact information, the payment information and the plurality of certificate signing requests.

4. A method comprising:
- receiving, by a processing device associated with a single certificate authority (CA), a request from a client to purchase a plurality of certificates;
  
  receiving common contact information, payment information and a certificate signing request from the client;
  
  generating the plurality of certificates by the processing device responsive to the request for the plurality of certificates, the generating comprising;
  
  generating a first certificate using the common contact information, the certificate signing request and a first hashing algorithm, wherein at least a portion of the common contact information is embodied in the first certificate; and
  
  generating a second certificate using the common contact information, the certificate signing request and a second hashing algorithm, wherein at least a portion of the common contact information is embodied in the second certificate; and
  
  transmitting the plurality of certificates to the client;
  
  wherein the receiving of the request and the transmitting of the plurality of certificates are performed during a single enrollment process.
- View Dependent Claims (5, 6, 15)
- - 5. The method of claim 4 wherein the first hashing algorithm is a SHA-1 algorithm, and wherein the second hashing algorithm is a SHA-2 algorithm.
  - 6. The method of claim 4 further comprising:
    - generating the first certificate using a first cryptographic algorithm; and
      
      generating the second certificate using a second cryptographic algorithm.
  - 15. The method of claim 4, further comprising:
    - responsive to receiving the request to purchase the plurality of certificates, prompting the client to supply the common contact information, the payment information and the certificate signing request.

7. A computer system comprising:
- a memory; and
  
  a processor coupled to the memory, wherein the processor is configured to;
  
  receive a request from a client to purchase a plurality of certificates;
  
  receive common contact information, payment information an one or more certificate signing requests from the client;
  
  generate the plurality of certificates responsive to the request for the plurality of certificates, wherein generating the plurality of certificates comprises;
  
  generating a first certificate using the common contact information and at least one of a first cryptographic algorithm or a first hashing algorithm, wherein at least a portion of the common contact information is embodied in the first certificate; and
  
  generating a second certificate using the common contact information and at least one of a second cryptographic algorithm or a second hashing algorithm, wherein at least a portion of the common contact information is embodied in the second certificate; and
  
  transmitting the plurality of certificates to the client;
  
  wherein the receiving of the request and the transmitting of the plurality of certificates are performed during a single enrollment process.
- View Dependent Claims (8, 9, 16)
- - 8. The computer system of claim 7 wherein said computer is further adapted to:
    - generate the first certificate using an ECC algorithm; and
      
      generate the second certificate using an RSS algorithm.
  - 9. The computer system of claim 7 wherein said processor is further configured to:
    - generate the first certificate using a SHA-1 algorithm; and
      
      generate the second certificate using a SHA-2 algorithm.
  - 16. The computer system of claim 7, wherein the processor is further configured to prompt the client to supply the common contact information, the payment information and the one or more certificate signing requests responsive to receiving the request to purchase the plurality of certificates.

11. A non-transitory computer readable storage medium having instructions that, when executed by a processing device, cause the processing device to perform a method comprising:
- receiving, by the processing device, a request from a client to purchase a plurality of certificates;
  
  receiving common contact information, payment information and a plurality of certificate signing requests from the client;
  
  generating the plurality of certificates by the processing device responsive to the request for the plurality of certificates, the generating comprising;
  
  generating a first certificate using the common contact information and a first cryptographic algorithm specified in a first certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the first certificate; and
  
  generating a second certificate using the common contact information and a second cryptographic algorithm specified in a second certificate signing request of the plurality of certificate signing requests, wherein at least a portion of the common contact information is embodied in the second certificate; and
  
  transmitting the plurality of certificates to the client;
  
  wherein the receiving of the request and the transmitting of the plurality of certificates are performed during a single enrollment process.
- View Dependent Claims (12, 13, 14)
- - 12. The non-transitory computer readable storage medium of claim 11 wherein the first cryptographic algorithm is an ECC algorithm, and wherein the second cryptographic algorithm is an RSA algorithm.
  - 13. The non-transitory computer readable storage medium of claim 11, the method further comprising:
    - generating the first certificate using a first hashing algorithm; and
      
      generating the second certificate using a second hashing algorithm.
  - 14. The non-transitory computer readable storage medium of claim 11, the method further comprising:
    - responsive to receiving the request to purchase the plurality of certificates, prompting the client to supply the common contact information, the payment information and the plurality of certificate signing requests.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DigiCert Incorporated
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Andrews, Richard F.
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
BRUNNER, JARON KENNETH

Application Number

US12/710,665
Publication Number

US 20110208962A1
Time in Patent Office

1,211 Days
Field of Search

None
US Class Current

726/6
CPC Class Codes

H04L 2209/56 Financial cryptography, e.g...

H04L 9/3268 using certificate validatio...

Streamlined process for enrollment of multiple digital certificates

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Streamlined process for enrollment of multiple digital certificates

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links