System and method for retrieving related certificates

US 8,589,677 B2
Filed: 12/13/2011
Issued: 11/19/2013
Est. Priority Date: 09/01/2004
Status: Active Grant

First Claim

Patent Images

1. A method of searching and retrieving certificates for use in the processing of an encoded message, said method comprising:

receiving a message comprising an end entity certificate;

performing a search on a certificate server, wherein at least one query is submitted by an application executing on a computing device to the certificate server to request retrieval of all certificate authority certificates and cross-certificates issued by a certificate issuer of one organization that are stored on the certificate server and are related to the end entity certificate, automatically in response to receiving the message, wherein each of said certificate authority certificates is issued to a certificate issuer within said organization, and wherein each of said cross-certificates is issued to a certificate issuer of a different organization; and

retrieving the certificate authority certificates and cross-certificates and storing on the computing device the certificate authority certificates and cross-certificates.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments described herein facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates.

180 Citations

21 Claims

1. A method of searching and retrieving certificates for use in the processing of an encoded message, said method comprising:
- receiving a message comprising an end entity certificate;
  
  performing a search on a certificate server, wherein at least one query is submitted by an application executing on a computing device to the certificate server to request retrieval of all certificate authority certificates and cross-certificates issued by a certificate issuer of one organization that are stored on the certificate server and are related to the end entity certificate, automatically in response to receiving the message, wherein each of said certificate authority certificates is issued to a certificate issuer within said organization, and wherein each of said cross-certificates is issued to a certificate issuer of a different organization; and
  
  retrieving the certificate authority certificates and cross-certificates and storing on the computing device the certificate authority certificates and cross-certificates.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising downloading the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate to a mobile device.
  - 3. The method of claim 2, further comprising storing the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate on the mobile device.
  - 4. The method of claim 1, wherein the certificate server comprises an LDAP server.
  - 5. The method of claim 1, wherein the computing device comprises a desktop computer.
  - 6. The method of claim 1, wherein the computing device comprises a mobile device.
  - 7. The method of claim 1, wherein the computing device comprises a message management server or a message server.

8. A non-transitory computer-readable medium storing computer executable instructions, the instructions, which when executed by a processor of a computing device, cause the processor to perform acts of a method of searching and retrieving certificates for use in the processing of an encoded message, said acts comprising:
- receiving a message comprising an end entity certificate;
  
  performing a search on a certificate server, wherein at least one query is submitted by an application executing on the computing device to the certificate server to request retrieval of all certificate authority certificates and cross-certificates issued by a certificate issuer of one organization that are stored on the certificate server and are related to the end entity certificate, automatically in response to receiving the message, wherein each of said certificate authority certificates is issued to a certificate issuer within said organization, and wherein each of said cross-certificates is issued to a certificate issuer of a different organization; and
  
  retrieving the certificate authority certificates and cross-certificates and storing on the computing device the certificate authority certificates and cross-certificates.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The medium of claim 8, wherein the acts further comprise downloading the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate to a mobile device.
  - 10. The medium of claim 9, wherein the acts further comprise storing the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate on the mobile device.
  - 11. The medium of claim 8, wherein the certificate server comprises an LDAP server.
  - 12. The medium of claim 8, wherein the computing device comprises a desktop computer.
  - 13. The medium of claim 8, wherein the computing device comprises a mobile device.
  - 14. The medium of claim 8, wherein the computing device comprises a message management server or a message server.

15. A system for searching and retrieving certificates comprising a processor of a computing device configured to:
- receive a message comprising an end entity certificate;
  
  perform a search on a certificate server, wherein at least one query is submitted by an application executing on the computing device to the certificate server to request retrieval of all certificate authority certificates and cross-certificates issued by a certificate issuer of one organization that are stored on the certificate server and are related to the end entity certificate, automatically in response to receiving the message, wherein each of said certificate authority certificates is issued to a certificate issuer within said organization, and wherein each of said cross-certificates is issued to a certificate issuer of a different organization; and
  
  retrieve the certificate authority certificates and cross-certificates and store on the computing device the certificate authority certificates and cross-certificates.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15, wherein the processor is further configured to download the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate to a mobile device.
  - 17. The system of claim 16, wherein the processor is further configured to store the end entity certificate and all certificate authority certificates and cross-certificates related to the end entity certificate on the mobile device.
  - 18. The system of claim 16, wherein the certificate server comprises an LDAP server.
  - 19. The system of claim 15, wherein the computing device comprises a desktop computer.
  - 20. The system of claim 15, wherein the computing device comprises a mobile device.
  - 21. The system of claim 15, wherein the computing device comprises a message management server or a message server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Brown, Michael Stephen, Little, Herbert Anthony, Adams, Neil Patrick, Kirkup, Michael Grant, Brown, Michael Kenneth
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
DOAN, TRANG T

Application Number

US13/324,364
Publication Number

US 20120084556A1
Time in Patent Office

707 Days
Field of Search

None
US Class Current

713/156
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 61/4523   using lightweight directory...

H04L 63/0823   using certificates cryptogr...

H04L 9/3265   using certificate chains, t...

H04W 12/0433   Key management protocols

System and method for retrieving related certificates

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

180 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

System and method for retrieving related certificates

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

180 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others