Embedded extrinsic source for digital certificate validation

US 9,264,236 B2
Filed: 01/05/2015
Issued: 02/16/2016
Est. Priority Date: 03/23/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A method of validating a digital certificate, the method comprising:

a computer receiving a first digital certificate that includes within the first digital certificate, information specifying a first extrinsic source of a trusted current date and time value;

the computer reading the information included within the first digital certificate specifying the first extrinsic source of the trusted current date and time value;

the computer requesting the trusted current date and time value, based on the information specifying the first extrinsic source that is included within the first digital certificate;

the computer receiving the trusted current date and time value; and

the computer comparing the trusted current date and time value to a validity period of the first digital certificate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer uses the information included within a digital certificate to obtain a current date and time value from a trusted source extrinsic to the computer. The computer requests and receives the trusted current date and time value and compares the trusted current date and time value to a validity period included in the digital certificate, to determine if the digital certificate is expired. The information included within the digital certificate specifying an extrinsic source for the current date and time value can be included in an extension of the digital certificate, and the information can specify a plurality of extrinsic sources.

Citations

20 Claims

1. A method of validating a digital certificate, the method comprising:
- a computer receiving a first digital certificate that includes within the first digital certificate, information specifying a first extrinsic source of a trusted current date and time value;
  
  the computer reading the information included within the first digital certificate specifying the first extrinsic source of the trusted current date and time value;
  
  the computer requesting the trusted current date and time value, based on the information specifying the first extrinsic source that is included within the first digital certificate;
  
  the computer receiving the trusted current date and time value; and
  
  the computer comparing the trusted current date and time value to a validity period of the first digital certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 20)
- - 2. The method of claim 1, wherein the information specifying the first extrinsic source includes a uniform resource locator (URL) address.
  - 3. The method of claim 1, wherein the trusted current data and time is received from the first extrinsic source, specified within the first digital certificate.
  - 4. The method of claim 1, further comprising the step of the computer requesting the trusted current date and time value from a second extrinsic source based on information specifying the second extrinsic source included within the first digital certificate.
  - 5. The method of claim 4, wherein the step of the computer receiving the trusted current date and time value includes the computer receiving the trusted current date and time value from the second extrinsic source.
  - 6. The method of claim 4, wherein a network address of the second extrinsic source is received by the computer from the first extrinsic source.
  - 7. The method of claim 5 wherein the trusted current date and time value is provided to the first extrinsic source by the second extrinsic source, and wherein the trusted current date and time value is provided to the computer by the first extrinsic source.
  - 8. The method of claim 1 wherein the step of the computer receiving the first digital certificate further includes information included within the first digital certificate specifying a plurality of extrinsic sources.
  - 9. The method of claim 1, wherein the information specifying the first extrinsic source is included within an extension section within the first digital certificate.
  - 10. The method of claim 1, wherein the step of the computer receiving the trusted current date and time value, includes receiving the trusted current date and time value within a second digital certificate sent from the extrinsic source whose location information is included within the first digital certificate.
  - 20. The method of claim 1, wherein the information specifying the first extrinsic source of a trusted current date and time value is included within the digital certificate upon the generation of the digital certificate.

11. A computer program product to validate a digital certificate, the computer program product comprising:
- one or more computer-readable storage devices and program instructions stored on at least one of the one or more tangible storage devices, the program instructions comprising;
  
  program instructions to receive a first digital certificate that includes within the first digital certificate, information specifying a first extrinsic source of a trusted current date and time value;
  
  the computer reading the information included within the first digital certificate specifying the first extrinsic source of the trusted current date and time value;
  
  program instructions to request the trusted current date and time value, based on the information specifying the first extrinsic source that is included within the first digital certificate;
  
  the computer receiving the trusted current date and time value; and
  
  the computer comparing the trusted current date and time value to a validity period of the first digital certificate.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The computer program product of claim 11, wherein the information specifying the first extrinsic source includes a uniform resource locator (URL) address.
  - 13. The computer program product of claim 11, further comprising the step of the computer requesting the trusted current date and time value from a second extrinsic source, based on information specifying the second extrinsic source included within the first digital certificate.
  - 14. The computer program product of claim 13, wherein the step of the computer receiving the trusted current date and time value includes the computer receiving the trusted current date and time value from the second extrinsic source.
  - 15. The computer program product of claim 13, wherein a network address of the second extrinsic source is received by the computer from the first extrinsic source.
  - 16. The computer program product of claim 14 wherein the trusted current date and time value is provided to the first extrinsic source by the second extrinsic source, and wherein the trusted current date and time value is provided to the computer by the first extrinsic source.
  - 17. The computer program product of claim 11, wherein the information specifying the first extrinsic source is included within an extension section within the first digital certificate.
  - 18. The computer program product of claim 11, wherein the program instructions of receiving the trusted current date and time value, includes receiving the trusted current date and time value within a second digital certificate sent from the extrinsic source whose location information is included within the first digital certificate.

19. A method of creating a digital certificate, the method comprising the steps of:
- a computer creating a digital certificate that includes within the digital certificate, information specifying one or more extrinsic sources of a trusted current date and time value; and
  
  the computer distributing the digital certificate to a receiving computer, wherein the receiving computer is configured to request a trusted current date and time value from at least one of the one or more extrinsic sources of a trusted current date and time value, based on the information specifying the one or more extrinsic sources included within the digital certificate, and the receiving computer is configured to receive the trusted current date and time value, and compare the trusted current date and time value that is received from the one or more extrinsic sources, to a validity period included within the digital certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Akehurst-Ryan, Andrew D., McKechan, David J., Reece, Stuart J.
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US14/589,159
Publication Number

US 20150121069A1
Time in Patent Office

407 Days
Field of Search

713/156, 713/157, 713/158
US Class Current

1/1
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/32   including means for verifyi...

H04L 9/3268   using certificate validatio...

H04L 9/40   Network security protocols

Embedded extrinsic source for digital certificate validation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Embedded extrinsic source for digital certificate validation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links