Identity-based certificate management

  • US 8,707,031 B2
  • Filed: 04/07/2009
  • Issued: 04/22/2014
  • Est. Priority Date: 04/07/2009
  • Status: Active Grant
First Claim

1. A method for validating a digital certificate issued to a client system and associated with a specific client identity, the method comprising:

  • receiving the digital certificate from the client system, the digital certificate including a user identifier and a certificate validity period indicator defined by a validity start time and a validity end time, the user identifier corresponding to the specific client identity;

  • generating a first query to a directory service having a plurality of entries each associated with different client identities, the client identities each associated with a plurality of informational attributes stored in the directory service, the first query including a request for a first entry associated with the specific client identity, the first entry including a directory validity time value attribute for the specific client identity, wherein the plurality of informational attributes comprises at least some attributes unrelated to digital certificates;

  • receiving the directory validity time value attribute returned by the first query; and

  • validating the digital certificate in response to evaluations of the validity start time and the validity end time of the certificate validity period indicator against the received directory validity time value attribute and a current time;

  • wherein the directory validity time value attribute is editable to revoke a plurality of digital certificates associated with the user identifier.
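The steps of claim 1 can be sketched as follows. This is an added example, not code from the patent or its assignee. It assumes one possible reading of the evaluation: a certificate is rejected when its validity start time precedes the directory validity time value. The attribute name `certValidAfter`, the in-memory dictionary standing in for the directory service, and the fail-closed handling of a missing entry are all hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Cert:
    user_id: str          # user identifier carried in the certificate
    not_before: datetime  # validity start time
    not_after: datetime   # validity end time

# Constructed stand-in for the directory service. Each entry holds general
# attributes unrelated to certificates plus one validity time value
# (hypothetical attribute name: certValidAfter).
DIRECTORY = {
    "alice": {"mail": "alice@example.test", "department": "finance",
              "certValidAfter": datetime(2024, 1, 1, tzinfo=timezone.utc)},
}

def query_validity_attr(directory, user_id):
    """First query: fetch the entry for this identity, return the time attribute."""
    entry = directory.get(user_id)
    return None if entry is None else entry.get("certValidAfter")

def validate(cert, directory, now):
    """Evaluate the certificate's start/end times against the directory value and now."""
    cutoff = query_validity_attr(directory, cert.user_id)
    if cutoff is None:
        return False, "no directory entry or attribute"  # assumption: fail closed
    if cert.not_before > cert.not_after:
        return False, "malformed validity period"
    if not (cert.not_before <= now <= cert.not_after):
        return False, "outside certificate validity period"
    if cert.not_before < cutoff:  # assumed comparison rule, see lead-in
        return False, "revoked by directory validity time"
    return True, "ok"

def revoke_all(directory, user_id, now):
    """One edit to the attribute invalidates every certificate issued before `now`."""
    directory[user_id]["certValidAfter"] = now

if __name__ == "__main__":
    utc = timezone.utc
    now = datetime(2024, 6, 1, tzinfo=utc)
    laptop = Cert("alice", datetime(2024, 2, 1, tzinfo=utc), datetime(2025, 2, 1, tzinfo=utc))
    phone = Cert("alice", datetime(2024, 3, 1, tzinfo=utc), datetime(2025, 3, 1, tzinfo=utc))
    print(validate(laptop, DIRECTORY, now), validate(phone, DIRECTORY, now))
    revoke_all(DIRECTORY, "alice", now)
    print(validate(laptop, DIRECTORY, now), validate(phone, DIRECTORY, now))
```

Under this reading no per-certificate revocation list is consulted: both of the user's certificates fail after the single attribute edit, while a certificate issued after the edit validates again.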
