Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2005-11-29
2005-11-29
Ali, Mohammad (Department: 2167)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000, C707S793000, C713S156000, C713S158000, C705S076000, C705S078000
Reexamination Certificate
active
06970862
ABSTRACT:
Methods and systems in accordance with the present invention efficiently validate digital certificates by answering Online Certificate Status Protocol (“OCSP”) requests without Certificate Revocation Lists (“CRL”). During validation of digital certificates, these methods and systems speed transmission, reduce required bandwidth and reduce required data storage by eliminating the need for the transmission of lengthy CRLs from a Certificate Authority (“CA”) when verifying a digital certificate from a client. In one implementation, they send a Lightweight Directory Access Protocol (“LDAP”) database query to a CA directory server to determine and pinpoint the existence of a valid digital certificate and check its validity without receiving a long list of data, such as a CRL, from a CA. The CA directory server returns the query result, and the database query in the CA directory server is performed faster than using an entire CRL, and furthermore, the transmission of the database query result is a small piece of information and does not require the large amounts of data transmission bandwidth and storage as required with transmitting CRL's.
REFERENCES:
patent: 5287270 (1994-02-01), Hardy et al.
patent: 5465206 (1995-11-01), Hilt et al.
patent: 5652786 (1997-07-01), Rogers
patent: 5684965 (1997-11-01), Pickering
patent: 5699528 (1997-12-01), Hogan
patent: 6070150 (2000-05-01), Remington et al.
patent: 6134551 (2000-10-01), Aucsmith
patent: 6233577 (2001-05-01), Ramasubramani et al.
patent: 6487658 (2002-11-01), Micali
patent: 6519571 (2003-02-01), Guheen et al.
patent: 6658488 (2003-12-01), Peters et al.
patent: 2002/0004773 (2002-01-01), Xu et al.
patent: 2002/0029200 (2002-03-01), Dulin et al.
patent: 2002/0104000 (2002-08-01), Kang et al.
patent: 2002/0116609 (2002-08-01), Yellepeddy et al.
patent: 2002/0166049 (2002-11-01), Sinn
Wohlmacher, Petra, “Digital Certificates: a Survey of Revocation Methods”, Proceeding of The 2000 ACM Workshop on Multimedia, Nov. 2000, pp. 111-114.
Myers et al, “X.509 Internet Public Key Infrastructure—Online Certificate Status Protocol—OCSP”, Internet Draft RFC 2560, Jun. 1999, 22 pages.
Rivest, Ronald, “Can We Elminate Certificate Revocation Lists?”, Proceeding of Financial Cryptography 1998, Feb. 1998, pp. 178-183.
Micali, Silvio, “Efficient Certificate Revocation”, Laboratory for Computer Science, M.I.T, Cambridge, Mass. Mar. 22, 1996.
Forne, Castro. “A Model to Evaluate Certificate Revocation”. SCI'2000, Electronic Commerce invited session. Orlando (USA).
Iliadis et al. “Evaluating Certificate Status Information Mechanisms,” Proceedings of the 7th ACM Conference on Computer and Communications Security, 2000, pp. 1-8.
Naor et al. “Certificate Revocation and Certificate Update”, Proceedings of the 7th USENIX Security Symposium, Texas 1998, 12 pages.
Hallum-Baker, “Comments on Certificate Status”, Jun. 15, 1998.
U.S. Appl. No. 60/258,087.
U.S. Appl. No. 60/285,524.
Ali Mohammad
Finnegan Henderson Farabow Garrett & Dunner L.L.P.
Pham Khanh
Sun Microsystems Inc.
LandOfFree
Method and system for answering online certificate status... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for answering online certificate status..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for answering online certificate status... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3516850