Method, product and apparatus for accelerating public-key certificate validation
First Claim
1. A method for authenticating validity of a public key certificate in compliance with a request, performed by a validation authority apparatus for certificates, said method comprising the steps of:
- searching for paths and validating the paths searched for;
registering a searching and validating result in a path database; and
validity authentication, comprising the steps of;
receiving a request for authenticating validity of a public key certificate, from a terminal device;
in a case where any valid path corresponding to the validity authentication request is registered in the path database, validating a public key certificate in the request by using a valid path; and
in a case where no valid path corresponding to the validity authentication request is registered in the path database, searching a new path and validating the public key certificate in the request by using the searched path;
wherein;
at the registering step, information indicating whether paths are valid or invalid in accordance with results of searching for paths and validating the paths is registered in the path database, and at the validity authentication, in a case where a path corresponding to the validity authentication request is registered as the valid path or the invalid path in the path database, authentication of the validity of the public key certificate in the request is performed in accordance with the registered results;
the said method further comprising the steps of;
performing path validation in compliance with the validity authentication request, in a case where, at the validity authentication, a constraint item is described in a pertinent public key certificate or any public key certificate included in a pertinent path, although a path corresponding to the validity authentication request is registered as a valid path in the path database, and determining if the pertinent public key certificate and the pertinent path satisfy the constraint item; and
judging the pertinent path as a valid path if the constraint item is satisfied.
0 Assignments
0 Petitions
Accused Products
Abstract
A validation authority for certificates searches for and verifies paths and certificate revocation lists periodically, and classifies the paths into valid paths and invalid paths in accordance with the results of the validations, so as to register the paths in databases beforehand. Besides, in a case where a request for authenticating the validity of a certificate has been received from an end entity, the validation authority judges the validity of the public key certificate by checking in which of the valid-path database and the invalid-path database a path corresponding to the request is registered. On the other hand, in a case where the path corresponding to the validity authentication request is not registered in either of the databases, the validity of the public key certificate is authenticated by performing path search and validation anew.
17 Citations
8 Claims
-
1. A method for authenticating validity of a public key certificate in compliance with a request, performed by a validation authority apparatus for certificates, said method comprising the steps of:
-
searching for paths and validating the paths searched for; registering a searching and validating result in a path database; and validity authentication, comprising the steps of; receiving a request for authenticating validity of a public key certificate, from a terminal device; in a case where any valid path corresponding to the validity authentication request is registered in the path database, validating a public key certificate in the request by using a valid path; and in a case where no valid path corresponding to the validity authentication request is registered in the path database, searching a new path and validating the public key certificate in the request by using the searched path; wherein;
at the registering step, information indicating whether paths are valid or invalid in accordance with results of searching for paths and validating the paths is registered in the path database, and at the validity authentication, in a case where a path corresponding to the validity authentication request is registered as the valid path or the invalid path in the path database, authentication of the validity of the public key certificate in the request is performed in accordance with the registered results;the said method further comprising the steps of;
performing path validation in compliance with the validity authentication request, in a case where, at the validity authentication, a constraint item is described in a pertinent public key certificate or any public key certificate included in a pertinent path, although a path corresponding to the validity authentication request is registered as a valid path in the path database, and determining if the pertinent public key certificate and the pertinent path satisfy the constraint item; andjudging the pertinent path as a valid path if the constraint item is satisfied. - View Dependent Claims (2, 3, 4)
-
-
5. A method for authenticating validity of a public key certificate performed by a computer to authenticate validity of the certificate, comprising the steps of:
-
searching for paths and validating the paths searched for; registering a searching and validating result in a path database; and validity authentication, comprising the steps of; in a case where any valid path corresponding to a validity authentication request is registered in the path database, validating a public key certificate in the request by using a valid path; and in a case where no valid path corresponding to the validity authentication request is registered in the path database, searching a new path and validating a public key certificate in the request by using the searched path; wherein;
at the registering step, information indicating valid paths and invalid paths in accordance with results of searching paths and validating the searched paths is registered in the path database, and at the validity authentication, in a case where a path corresponding to the validity authentication request is registered as the valid path or the invalid path in the path database, the validity authentication of the public key certificate in the request is performed in accordance with the registered results;the said method further comprising the steps of;
performing path validation in compliance with the validity authentication request, in a case where, at the validity authentication, a constraint item is described in a pertinent public key certificate or any public key certificate included in a pertinent path, although a path corresponding to the validity authentication request is registered as a valid path in the path database, and determining if the pertinent public key certificate and the pertinent path satisfy the constraint item; andjudging the pertinent path as a valid path if the constraint item is satisfied. - View Dependent Claims (6, 7, 8)
-
Specification