Certificate generation using virtual attributes
Abstract
A server, method and/or computer-readable medium system for secure communication includes a certificate authority for generating certificates signed by the certificate authority and associated public and private keys for a client. The server further includes a directory of client attributes and client virtual attributes. At least one of the client virtual attributes is for, when receiving a query for a client that cannot be located in the directory, requesting the certificate authority to dynamically generate a certificate and associated public and private key for the client, and for storing the dynamically generated certificate and public key as a client attribute in the directory.
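The flow the abstract describes, as an added example that is not part of the patent or of any product implementing it: flat files stand in for the directory, the `openssl` CLI stands in for the certificate authority, and every function name and path is hypothetical. The private key is held until the recipient authenticates, as in claim 8.

```shell
#!/bin/sh
# Added example. Flat files stand in for the directory; names are hypothetical.
set -eu
WORK=$(mktemp -d)
DIR="$WORK/directory"   # stored client attributes: certificate + public key
HELD="$WORK/held"       # private keys awaiting delivery to the recipient
mkdir -p "$DIR" "$HELD"
chmod 700 "$HELD"

# Constructed, self-signed demo CA.
ca_init() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

# Reject names that could escape the directory or alter the subject string.
valid_name() {
  case "$1" in ""|*[!A-Za-z0-9._@-]*) return 1 ;; esac
}

# Virtual attribute: runs only on a directory miss. The CA creates the key
# pair and certificate; the recipient never requested them.
virtual_certificate() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$HELD/$1.key" -out "$WORK/$1.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/ca.crt" \
    -CAkey "$WORK/ca.key" -CAcreateserial -days 1 \
    -out "$DIR/$1.crt" 2>/dev/null
  openssl x509 -in "$DIR/$1.crt" -pubkey -noout > "$DIR/$1.pub"
}

# Sender-side query: prints the path of the recipient's certificate.
lookup_certificate() {
  valid_name "$1" || return 2
  [ -f "$DIR/$1.crt" ] || virtual_certificate "$1"
  echo "$DIR/$1.crt"
}

# Recipient-side: hand over the held private key only after authentication
# ($2 is the result of an authentication step not shown here).
release_private_key() {
  valid_name "$1" || return 1
  [ "$2" = "yes" ] || return 1
  [ -f "$HELD/$1.key" ] || return 1
  cat "$HELD/$1.key"
  rm -f "$HELD/$1.key"
}

ca_init
```

A second query for the same recipient returns the stored certificate without invoking the virtual attribute again, so the sender always sees one certificate per recipient.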
22 Claims
1. A method comprising:
- determining, by a processor, that a directory does not include client attributes associated with a client recipient in the directory; and
- in response to determining that the directory does not include client attributes for the client recipient, accessing a client virtual attribute, wherein accessing the client virtual attribute causes the processor to perform operations comprising:
  - receiving a new certificate associated with but not authorized by the client recipient from a certificate authority, wherein the new certificate is signed by the certificate authority and is associated with a public key and a private key;
  - sending the new certificate and the public key to a client sender;
  - storing the signed new certificate and associated public key as client attributes for the client recipient in the directory; and
  - sending the private key to the client recipient.

Dependent claims: 2, 3, 4.

5. A non-transitory computer readable storage medium comprising computer executable instructions to cause a processor to perform operations comprising:
- determining, by the processor, that a directory does not include client attributes associated with a client recipient in the directory; and
- in response to determining that the directory does not include client attributes for the client recipient, accessing a client virtual attribute, wherein accessing the client virtual attribute causes the processor to perform operations comprising:
  - receiving a new certificate associated with but not authorized by the client recipient from a certificate authority, wherein the new certificate is signed by the certificate authority and is associated with a public key and a private key;
  - sending the new certificate and the public key to a client sender;
  - storing the signed new certificate and associated public key as client attributes for the client recipient in the directory; and
  - sending the private key to the client recipient.

Dependent claims: 6, 7.

8. A method comprising:
- accessing a client virtual attribute in response to a determination that a directory does not include client attributes associated with the client recipient, wherein accessing the client virtual attribute causes a processor to perform operations comprising:
  - generating a certificate, a public key, and a private key for the client recipient, wherein the public key and the private key are associated with the certificate;
  - signing the certificate;
  - providing the certificate and the public key to a client sender;
  - storing the signed certificate and associated public key as client attributes for the client recipient in the directory; and
  - sending the private key to the client recipient after performing a client authentication process.

Dependent claims: 9, 10, 11, 12.

13. A server comprising:
- a memory to store a directory; and
- a processor coupled to the memory, the processor to:
  - determine that the directory does not include client attributes associated with a client recipient and, in response to determining that the directory does not include client attributes for the client recipient, accessing a client virtual attribute, wherein accessing the client virtual attribute causes the processor to:
    - receive a new digital certificate associated with but not authorized by the client recipient from a certificate authority, wherein the new certificate is signed by the certificate authority and is associated with a public key and a private key;
    - provide a copy of the public key to a client sender;
    - store the signed new certificate and associated public key as client attributes for the client recipient in the directory; and
    - provide the private key to the client recipient.

Dependent claims: 14, 15.

16. A system comprising:
- a memory to store a directory; and
- a processor coupled to the memory, the processor to:
  - generate digital certificates and public keys for client recipients, the processor storing the digital certificates and the public keys in the directory as client attributes,
  - determine that the directory does not include client attributes for a client recipient,
  - in response to determining that the directory does not include client attributes for the client recipient, accessing the client virtual attribute, wherein accessing the client virtual attribute causes the processor to perform operations comprising:
    - generating a digital certificate, an associated public key, and an associated private key for the client recipient;
    - digitally signing the generated digital certificate;
    - storing the digitally signed generated digital certificate and the associated public key as client attributes for the client recipient in the directory; and
    - providing the associated public key to a client sender.

Dependent claims: 17, 18, 19, 20, 21, 22.

Specification