Method and apparatus for processing digitally signed messages to determine address mismatches
First Claim
1. A method of processing signed messages received at a computing device, the method comprising the steps of:
- a) receiving a message comprisinga header identifying at least a sender address,at least one portion of signed data,a digital signature corresponding to each portion of signed data, andat least one message separator;
b) determining whether a first message separator appears within a portion of signed data;
c) if the first message separator does not appear within a portion of signed data,performing at least one pre-determined action for each digital signature in the message that appears after the first message separator; and
d) if the first message separator appears within a portion of signed data,verifying that the sender address matches an address associated with a key used to generate a digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, andperforming at least one pre-determined action for each other digital signature in the message that appears after the first message separator.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for processing digitally signed messages in which address mismatch errors are detected. In at least one aspect, the number of address mismatch errors reported to a user for a message may be minimized for messages that properly incorporate message portions signed by someone other than the sender of the message, as may be the case where the message contains a conversation thread for example, by performing at least one predetermined action for digital signatures corresponding to signed data appearing after a message separator. The message separator may indicate that the message contains data from an older forwarded message or from an older message that has been replied to, for example. The at least one-predetermined action may comprise bypassing verification of address matches for those digital signatures, or verifying address matches for those digital signatures but suppressing user notification of any address mismatch errors, for example.
39 Citations
47 Claims
-
1. A method of processing signed messages received at a computing device, the method comprising the steps of:
-
a) receiving a message comprising a header identifying at least a sender address, at least one portion of signed data, a digital signature corresponding to each portion of signed data, and at least one message separator; b) determining whether a first message separator appears within a portion of signed data; c) if the first message separator does not appear within a portion of signed data, performing at least one pre-determined action for each digital signature in the message that appears after the first message separator; and d) if the first message separator appears within a portion of signed data, verifying that the sender address matches an address associated with a key used to generate a digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, and performing at least one pre-determined action for each other digital signature in the message that appears after the first message separator. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A physical computer-readable storage medium upon which a plurality of instructions are stored, the instructions for performing a method of processing signed messages received at a computing device, the method comprising:
-
receiving a message comprising a header identifying at least a sender address, at least one portion of signed data, a digital signature corresponding to each portion of signed data, and at least one message separator; determining whether a first message separator appears within a portion of signed data; if the first message separator does not appear within a portion of signed data, performing at least one pre-determined action for each digital signature in the message that appears after the first message separator; and if the first message separator appears within a portion of signed data, verifying that the sender address matches an address associated with a key used to generate a digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, and performing at least one pre-determined action for each other digital signature in the message that appears after the first message separator.
-
-
25. An apparatus adapted to perform a method of processing signed messages, the method comprising:
-
receiving a message comprising a header identifying at least a sender address, at least one portion of signed data, a digital signature corresponding to each portion of signed data, and at least one message separator; determining whether a first message separator appears within a portion of signed data; if the first message separator does not appear within a portion of signed data, performing at least one pre-determined action for each digital signature in the message that appears after the first message separator; and if the first message separator appears within a portion of signed data, verifying that the sender address matches an address associated with a key used to generate a digital signature that appears after the first message separator and that corresponds to the portion of signed data within which the first message separator appears, and performing at least one pre-determined action for each other digital signature in the message that appears after the first message separator. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
-
Specification