Embedded extrinsic source for digital certificate validation
First Claim
1. A method of validating a first digital certificate, the method comprising the steps of:
a computer receiving the first digital certificate including information defining a validity period and information specifying a first extrinsic source;
the computer determining that the first digital certificate includes an indicator value of criticality asserting that the computer is required to receive a current date and time value from one of a plurality of extrinsic sources;
the computer reading the first digital certificate to identify an address of the first extrinsic source;
the computer requesting the current date and time value from the first extrinsic source;
the computer receiving the current date and time value;
the computer comparing the current date and time value to the validity period of the first digital certificate; and
the computer determining if the current date and time value is within the validity period.
Abstract
A computer uses the information included within a digital certificate to obtain a current date and time value from a trusted extrinsic source, and the computer compares the obtained current date and time value to a validity period included in the digital certificate to determine if the digital certificate is expired. The information included within the digital certificate specifying an extrinsic source for the current date and time value can be included in an extension of the digital certificate, and the information can specify a plurality of extrinsic sources.
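The validation flow described in the abstract, as an added Python example that is not code from the patent: a certificate whose expiry is masked by a rolled-back host clock is caught once the time comes from a source named in the certificate. The class and function names, the `.example` addresses, the simulated fetch, and the fail-closed handling of an unreachable critical source are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, List, Optional, Tuple

@dataclass
class TimeSourceExt:            # hypothetical extension model; the page gives no encoding
    critical: bool              # indicator value of criticality
    addresses: List[str]        # one or more extrinsic time sources

@dataclass
class Cert:
    not_before: datetime
    not_after: datetime
    time_ext: Optional[TimeSourceExt] = None

def check_validity(cert: Cert, fetch: Callable[[str], datetime],
                   local_clock: Callable[[], datetime]) -> Tuple[str, Optional[str]]:
    """Return (verdict, time source used)."""
    now, used = None, None
    if cert.time_ext:
        for addr in cert.time_ext.addresses:   # try each listed source in order
            try:
                now, used = fetch(addr), addr
                break
            except OSError:
                continue
        if now is None and cert.time_ext.critical:
            # Assumption: fail closed when the critical extension cannot be honoured.
            return ("reject-no-trusted-time", None)
    if now is None:                            # no extension, or non-critical and unreachable
        now, used = local_clock(), "local-clock"
    if now < cert.not_before:
        return ("not-yet-valid", used)
    if now > cert.not_after:
        return ("expired", used)
    return ("valid", used)

def table_fetcher(table):
    """Constructed stand-in for the network request; None means unreachable."""
    def fetch(addr):
        if table.get(addr) is None:
            raise OSError(f"{addr} unreachable")
        return table[addr]
    return fetch

UTC = timezone.utc
TRUE_NOW = datetime(2024, 6, 1, tzinfo=UTC)        # constructed values
ROLLED_BACK = datetime(2023, 1, 1, tzinfo=UTC)     # host clock set back
EXT = TimeSourceExt(True, ["time-a.example", "time-b.example"])
CERT = Cert(datetime(2022, 6, 1, tzinfo=UTC), datetime(2023, 6, 1, tzinfo=UTC), EXT)
SOURCES = {"time-a.example": None, "time-b.example": TRUE_NOW}

if __name__ == "__main__":
    print(check_validity(CERT, table_fetcher(SOURCES), lambda: ROLLED_BACK))
```

The same certificate without the extension is accepted against the rolled-back local clock, which is the gap the extrinsic source closes; a real deployment would also need the time response itself to be authenticated.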
17 Claims
11. A computer system to validate a digital certificate, the computer system comprising:
one or more processors, one or more computer-readable memories, one or more computer-readable tangible storage devices, and program instructions stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, the program instructions comprising:
program instructions to receive a digital certificate including information defining a validity period and information specifying a first extrinsic source;
program instructions to determine that the digital certificate includes an indicator value of criticality asserting that the computer is required to receive a current date and time value from one of a plurality of extrinsic sources;
program instructions to read the first digital certificate to identify an address of the first extrinsic source;
program instructions to request the current date and time value from the first extrinsic source;
program instructions to receive the current date and time value;
program instructions to compare the current date and time value to the validity period; and
program instructions to determine if the current date and time value is within the validity period.
12. A computer program product to validate a digital certificate, the computer program product comprising:
one or more computer-readable storage devices and program instructions stored on at least one of the one or more tangible storage devices, the program instructions comprising:
program instructions to receive a digital certificate including information defining a validity period and information specifying a first extrinsic source;
program instructions to determine that the digital certificate includes an indicator value of criticality asserting that the computer is required to receive a current date and time value from one of a plurality of extrinsic sources;
program instructions to read the digital certificate to identify an address of the first extrinsic source;
program instructions to request the current date and time value from the first extrinsic source;
program instructions to receive the current date and time value;
program instructions to compare the current date and time value to the validity period; and
program instructions to determine if the current date and time value is within the validity period.
17. A method of creating a digital certificate, the method comprising the steps of:
a computer creating the digital certificate including information defining a validity period and information specifying one or more extrinsic sources; and
the computer distributing the digital certificate to a receiving computer, wherein:
the receiving computer is configured to read the first digital certificate to identify an address of the one or more extrinsic sources,
the receiving computer is configured to determine that the digital certificate includes an indicator value of criticality asserting that the computer is required to receive a current date and time value from one of the one or more extrinsic sources,
the receiving computer is configured to request the current date and time value from the one of the one or more extrinsic sources,
the receiving computer is configured to receive the current date and time value,
the receiving computer is configured to compare the current date and time value from the one of the one or more extrinsic sources to the validity period, and
the receiving computer is configured to determine if the current date and time value is within the validity period.
Specification