CA2408639A1 - Method and apparatus for self-authenticating digital records - Google Patents
- Publication number
- CA2408639A1
- Authority
- CA
- Canada
- Prior art keywords
- digital
- document
- certificate
- certification authority
- certificate revocation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2151—Time stamp
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Abstract
A method for proving the validity of a record digitally signed by a user having a digital certificate issued by a certification authority within a hierarchy of certification authorities. The user signs the record (502), and obtains the digital certificates and certificate revocation information for all the certification authorities in the chain of the hierarchy extending from the user to the root certification authority. A timestamp is applied to the record (506), the digital certificates and the certificate revocation information to establish a point in time in which all items were created, current and valid. If, at some later point, one or more of the digital certificates either expire or are revoked, the timestamp serves as evidence of the integrity of the signed record.
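The abstract's evidence bundle, as an added example that is not code from the patent: a simplified Python model in which the signed record, the certificate chain and the revocation information are hashed together and timestamped, and validity is later evaluated at the timestamped time rather than at the current time. The `Cert` and `RevocationSnapshot` records, the HMAC standing in for the timestamping authority's signature, and all sample values are assumptions made for illustration; certificate signatures themselves are not checked.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, asdict

# Constructed stand-in for the timestamping authority's signing key. A real
# authority signs its token with a private key; HMAC is used here only to
# keep the example self-contained.
TSA_KEY = b"constructed-demo-tsa-key"


@dataclass(frozen=True)
class Cert:
    """Simplified certificate record (hypothetical, not real X.509)."""
    serial: int
    subject: str
    issuer: str
    not_before: int  # validity window, Unix seconds
    not_after: int


@dataclass(frozen=True)
class RevocationSnapshot:
    """Revocation information captured from one certification authority."""
    issuer: str
    revoked_serials: tuple


def bundle_digest(signed_doc, chain, revocation):
    """Hash the signed record together with its validation information."""
    payload = {
        "doc": hashlib.sha256(signed_doc).hexdigest(),
        "chain": [asdict(c) for c in chain],
        "revocation": [asdict(r) for r in revocation],
    }
    canonical = json.dumps(payload, sort_keys=True).encode()
    return hashlib.sha256(canonical).hexdigest()


def timestamp(digest, when):
    """Issue a token binding the bundle digest to a point in time."""
    mac = hmac.new(TSA_KEY, f"{digest}|{when}".encode(), hashlib.sha256)
    return {"digest": digest, "time": when, "mac": mac.hexdigest()}


def validate(signed_doc, chain, revocation, token, at=None):
    """Return (ok, reason); evaluates at the timestamped time unless `at` is given."""
    digest = bundle_digest(signed_doc, chain, revocation)
    expected = timestamp(digest, token["time"])
    if not hmac.compare_digest(expected["mac"], token["mac"]):
        return False, "timestamp does not cover this bundle"
    when = token["time"] if at is None else at
    revoked = {r.issuer: set(r.revoked_serials) for r in revocation}
    for i, cert in enumerate(chain):
        # chain[0] is the user's certificate; the last entry is the
        # self-signed root, which must name itself as issuer.
        parent = chain[i + 1] if i + 1 < len(chain) else cert
        if cert.issuer != parent.subject:
            return False, f"broken chain at {cert.subject}"
        if not cert.not_before <= when <= cert.not_after:
            return False, f"{cert.subject} not within validity period"
        if cert.issuer not in revoked:
            return False, f"no revocation information from {cert.issuer}"
        if cert.serial in revoked[cert.issuer]:
            return False, f"{cert.subject} revoked"
    return True, "valid at evaluation time"


def demo():
    # Constructed sample data: user certificate, issuing CA, self-signed root.
    chain = [
        Cert(1001, "Alice", "Issuing CA", 1_000, 5_000),
        Cert(20, "Issuing CA", "Root CA", 500, 9_000),
        Cert(1, "Root CA", "Root CA", 0, 20_000),
    ]
    revocation = [
        RevocationSnapshot("Issuing CA", (1002,)),
        RevocationSnapshot("Root CA", ()),
    ]
    signed_doc = b"record bytes + signature bytes (constructed)"
    token = timestamp(bundle_digest(signed_doc, chain, revocation), 3_000)
    return {
        # Evaluated at the timestamped time: everything was current and valid.
        "at_timestamp": validate(signed_doc, chain, revocation, token),
        # Evaluated later: the user's certificate has since expired.
        "later": validate(signed_doc, chain, revocation, token, at=6_000),
        # Any change to the bundle invalidates the timestamp.
        "tampered": validate(signed_doc + b"x", chain, revocation, token),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```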
Claims (29)
1. A method of authenticating a first document, the method comprising:
a step of digitally signing the first document using a first digital certificate provided by a first certification authority to produce a first digital signature;
a step of obtaining a second digital certificate issued by a second certification authority to the first certification authority, wherein the second digital certificate was used to issue the first digital certificate;
a step of obtaining first and second certificate revocation information identifying digital certificates which have been revoked by said first and second certification authorities, respectively; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document, the first and second digital certificates, and the first and second certificate revocation information, to thereby establish a point in time when the first digital signature was valid.
2. The method of claim 1, comprising a step of creating a second document comprising the digitally signed first document, the first and second digital certificates, and the first and second certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
3. The method of claim 1, comprising a step of requesting that a first secure digital timestamp be applied to the digitally signed first document; and a step of creating a second document comprising the first and second digital certificates, and the first and second certificate revocation information; and a step of requesting that a second secure digital timestamp be applied to the second document.
4. The method of claim 2 or claim 3 wherein the second document is formatted as one in a group consisting of a compressed archive, a portable document format file, and a Multipart MIME encoded file.
5. The method of claim 1, wherein the second certification authority is a root certification authority within a hierarchy of certification authorities.
6. The method of claim 1, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority and a second certificate revocation list identifying digital certificates revoked by the second certification authority.
7. The method of claim 6, wherein the first and second certificate revocation lists each comprise a CRLDP.
8. The method of claim 1, wherein the certificate revocation information comprises at least one OCSP response per digital certificate.
9. The method of claim 1, wherein the second digital certificate and the second certification information are obtained pursuant to at least one of an X.500 directory query, an LDAP query, a CMP query, and an electronic mail transfer.
10. The method of claim 9, wherein the second digital certificate and the second certification information are obtained pursuant to a transfer of information over the internet.
11. The method of claim 1, further comprising:
a step of obtaining a third digital certificate issued by a third certification authority to the second certification authority; and a step of obtaining third certificate revocation information identifying digital certificates which have been revoked by the third certification authority; and wherein the step of requesting, requests that said at least one secure digital timestamp be applied to the digitally signed first document, the first, second and third digital certificates, and the first, second and third certificate revocation information.
12. The method of claim 11, wherein the third certification authority is a root certification authority in a hierarchy of certification authorities.
13. The method of claim 11, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority, a second certificate revocation list identifying digital certificates revoked by the second certification authority, and a third certificate revocation list identifying digital certificates revoked by the third certification authority.
14. The method of claim 11, comprising obtaining the certificate revocation information after digitally signing the first document so that the certificate revocation information can be validated as of the time the first digital signature was created.
15. The method of claim 14, wherein the certificate revocation information comprises a first certificate revocation list identifying digital certificates revoked by the first certification authority, a second certificate revocation list identifying digital certificates revoked by the second certification authority, and a third certificate revocation list identifying digital certificates revoked by the third certification authority.
16. The method of claim 15, wherein the third certification authority is a root certification authority in a hierarchy of certification authorities.
17. The method of claim 11, further comprising:
obtaining a fourth digital certificate issued by a fourth certification authority to the third certification authority; and obtaining fourth certificate revocation information identifying digital certificates which have been revoked by the fourth certification authority;
and wherein the step of requesting, requests that said at least one secure digital timestamp be applied to the digitally signed first document, the first, second, third and fourth digital certificates, and the first, second, third and fourth certificate revocation information.
18. A method according to claim 17, wherein the fourth certification authority is a root certification authority in a hierarchy of certification authorities.
19. A method for a user to authenticate a first document in a hierarchy of certification authorities including a chain of certification authorities having at least an integer number N levels, N >=2, the chain including a first level certification authority having an associated self signed root certificate and an N-th level certification authority, wherein the k th level certification authority is issued a k th-level digital certificate by the certification authority in the k-1th level, for k: 2 <= k <= N, and wherein an m th level certification authority, for some m: 2 <= m <= N, issues a user's digital certificate to the user, the method comprising:
a step of digitally signing the first document using the user's digital certificate to produce a first digital signature;
a step of obtaining a certificate chain corresponding to the user's digital certificate, the certificate chain comprising a total of m digital certificates, one from each of the m certification authorities in the certificate chain;
a step of obtaining certificate revocation information corresponding to the m certification authorities, the certificate revocation information identifying digital certificates which have been revoked by the m certification authorities; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document, the user's digital certificate, the certificate chain and the certificate revocation information.
20. The method of claim 19, comprising:
a step of creating a second document comprising the digitally signed first document, the user's digital certificate, the certificate chain and the certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
21. The method of claim 19, comprising:
a step of requesting that a first secure digital timestamp be applied to the digitally signed first document;
a step of creating a second document comprising the user's digital certificate, the certificate chain and the certificate revocation information; and a step of requesting that a secure digital timestamp be applied to the second document.
22. A method of authenticating a first document, the method comprising:
a step of digitally signing the first document to thereby create a digital signature; and a step of requesting that at least one secure digital timestamp be applied to the digitally signed first document and also to validation information which attests to the validity of the digital signature.
23. The method of claim 22, further comprising:
a step of creating a second document comprising the digitally signed first document and the validation information, and a step of requesting that the secure digital timestamp be applied to the second document.
24. The method of claim 22, comprising:
a step of requesting that a first secure digital timestamp be applied to the digitally signed first document; and a step of requesting that a second secure digital timestamp be applied to the validation information.
25. The method of claim 22, wherein the validation information includes a self-signed digital certificate issued by a root certification authority.
26. The method of claim 25, wherein the validation information includes all digital certificates and corresponding certificate revocation information in a certification chain within a hierarchy of certification authorities.
27. A computer readable medium having executable software code thereon, the executable software code comprising:
code to digitally sign a first document to thereby create a first digital signature;
code to request that at least one secure digital timestamp be applied to the digitally signed first document and also to validation information which attests to the validity of the digital signature.
28. The computer readable medium according to claim 27, wherein the code comprises:
code to create a second document comprising the digitally signed first document and the validation information; and code to request that a secure digital timestamp be applied to the second document.
29. The computer readable medium according to claim 27, wherein the code comprises:
code to request that a first secure digital timestamp be applied to the digitally signed first document; and code to request that a second secure digital timestamp be applied to the validation information.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/571,859 US7047404B1 (en) | 2000-05-16 | 2000-05-16 | Method and apparatus for self-authenticating digital records |
US09/571,859 | 2000-05-16 | ||
PCT/US2001/015779 WO2001089133A2 (en) | 2000-05-16 | 2001-05-16 | Method and apparatus for self-authenticating digital records |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2408639A1 (en) | 2001-11-22 |
CA2408639C (en) | 2011-07-19 |
Family
ID=24285357
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2408639A Expired - Lifetime CA2408639C (en) | 2000-05-16 | 2001-05-16 | Method and apparatus for self-authenticating digital records |
Country Status (8)
Country | Link |
---|---|
US (2) | US7047404B1 (en) |
EP (1) | EP1287637B1 (en) |
JP (1) | JP5060009B2 (en) |
AT (1) | ATE339817T1 (en) |
AU (1) | AU2001263173A1 (en) |
CA (1) | CA2408639C (en) |
DE (1) | DE60123048T2 (en) |
WO (1) | WO2001089133A2 (en) |
Families Citing this family (94)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1143658A1 (en) * | 2000-04-03 | 2001-10-10 | Canal+ Technologies Société Anonyme | Authentication of data transmitted in a digital transmission system |
GB2376389A (en) | 2001-06-04 | 2002-12-11 | Hewlett Packard Co | Packaging evidence for long term validation |
JP2003069559A (en) * | 2001-08-23 | 2003-03-07 | Sony Corp | Content protection system |
JP3901484B2 (en) * | 2001-10-05 | 2007-04-04 | 株式会社ジェイテクト | Electric power steering device |
DE50112767D1 (en) * | 2001-10-05 | 2007-09-06 | Stefan Krempl | Method and system for authorized decryption of encrypted data with at least two certificates |
GB2382006A (en) * | 2001-11-06 | 2003-05-14 | Ibm | Digital certificate containing the identity of an entity which will rely on the certificate |
US7921288B1 (en) | 2001-12-12 | 2011-04-05 | Hildebrand Hal S | System and method for providing different levels of key security for controlling access to secured items |
US7260555B2 (en) | 2001-12-12 | 2007-08-21 | Guardian Data Storage, Llc | Method and architecture for providing pervasive security to digital assets |
US7380120B1 (en) | 2001-12-12 | 2008-05-27 | Guardian Data Storage, Llc | Secured data format for access control |
US7565683B1 (en) | 2001-12-12 | 2009-07-21 | Weiqing Huang | Method and system for implementing changes to security policies in a distributed security system |
US10360545B2 (en) | 2001-12-12 | 2019-07-23 | Guardian Data Storage, Llc | Method and apparatus for accessing secured electronic data off-line |
US7930756B1 (en) | 2001-12-12 | 2011-04-19 | Crocker Steven Toye | Multi-level cryptographic transformations for securing digital assets |
US7921284B1 (en) | 2001-12-12 | 2011-04-05 | Gary Mark Kinghorn | Method and system for protecting electronic data in enterprise environment |
US8065713B1 (en) | 2001-12-12 | 2011-11-22 | Klimenty Vainstein | System and method for providing multi-location access management to secured items |
US7178033B1 (en) | 2001-12-12 | 2007-02-13 | Pss Systems, Inc. | Method and apparatus for securing digital assets |
US7921450B1 (en) | 2001-12-12 | 2011-04-05 | Klimenty Vainstein | Security system using indirect key generation from access rules and methods therefor |
US10033700B2 (en) | 2001-12-12 | 2018-07-24 | Intellectual Ventures I Llc | Dynamic evaluation of access rights |
US8006280B1 (en) | 2001-12-12 | 2011-08-23 | Hildebrand Hal S | Security system for generating keys from access rules in a decentralized manner and methods therefor |
US7475250B2 (en) * | 2001-12-19 | 2009-01-06 | Northrop Grumman Corporation | Assignment of user certificates/private keys in token enabled public key infrastructure system |
US7950066B1 (en) | 2001-12-21 | 2011-05-24 | Guardian Data Storage, Llc | Method and system for restricting use of a clipboard application |
US8176334B2 (en) | 2002-09-30 | 2012-05-08 | Guardian Data Storage, Llc | Document security system that permits external users to gain access to secured files |
US7181615B2 (en) | 2002-06-28 | 2007-02-20 | Motorola, Inc. | Method and system for vehicle authentication of a remote access device |
US7228420B2 (en) | 2002-06-28 | 2007-06-05 | Temic Automotive Of North America, Inc. | Method and system for technician authentication of a vehicle |
US7549046B2 (en) | 2002-06-28 | 2009-06-16 | Temic Automotive Of North America, Inc. | Method and system for vehicle authorization of a service technician |
US7325135B2 (en) | 2002-06-28 | 2008-01-29 | Temic Automotive Of North America, Inc. | Method and system for authorizing reconfiguration of a vehicle |
US7137001B2 (en) | 2002-06-28 | 2006-11-14 | Motorola, Inc. | Authentication of vehicle components |
US7131005B2 (en) | 2002-06-28 | 2006-10-31 | Motorola, Inc. | Method and system for component authentication of a vehicle |
US7127611B2 (en) * | 2002-06-28 | 2006-10-24 | Motorola, Inc. | Method and system for vehicle authentication of a component class |
US7600114B2 (en) | 2002-06-28 | 2009-10-06 | Temic Automotive Of North America, Inc. | Method and system for vehicle authentication of another vehicle |
US8171567B1 (en) | 2002-09-04 | 2012-05-01 | Tracer Detection Technology Corp. | Authentication method and system |
US7707406B2 (en) | 2002-11-08 | 2010-04-27 | General Instrument Corporation | Certificate renewal in a certificate authority infrastructure |
US7318155B2 (en) * | 2002-12-06 | 2008-01-08 | International Business Machines Corporation | Method and system for configuring highly available online certificate status protocol responders |
US7370212B2 (en) | 2003-02-25 | 2008-05-06 | Microsoft Corporation | Issuing a publisher use license off-line in a digital rights management (DRM) system |
US7308573B2 (en) * | 2003-02-25 | 2007-12-11 | Microsoft Corporation | Enrolling / sub-enrolling a digital rights management (DRM) server into a DRM architecture |
US7543140B2 (en) * | 2003-02-26 | 2009-06-02 | Microsoft Corporation | Revocation of a certificate and exclusion of other principals in a digital rights management (DRM) system based on a revocation list from a delegated revocation authority |
US8707034B1 (en) | 2003-05-30 | 2014-04-22 | Intellectual Ventures I Llc | Method and system for using remote headers to secure electronic files |
JP3928589B2 (en) * | 2003-06-12 | 2007-06-13 | コニカミノルタビジネステクノロジーズ株式会社 | Communication system and method |
US8127366B2 (en) | 2003-09-30 | 2012-02-28 | Guardian Data Storage, Llc | Method and apparatus for transitioning between states of security policies used to secure electronic documents |
US7703140B2 (en) | 2003-09-30 | 2010-04-20 | Guardian Data Storage, Llc | Method and system for securing digital assets using process-driven security policies |
US20050122345A1 (en) * | 2003-12-05 | 2005-06-09 | Kirn Kevin N. | System and method for media-enabled messaging having publish-and-send feature |
US7702909B2 (en) * | 2003-12-22 | 2010-04-20 | Klimenty Vainstein | Method and system for validating timestamps |
JP2005286443A (en) * | 2004-03-29 | 2005-10-13 | Ntt Data Corp | Certificate verification device and computer program thereof |
US7444509B2 (en) * | 2004-05-27 | 2008-10-28 | International Business Machines Corporation | Method and system for certification path processing |
EP1635529A1 (en) * | 2004-09-09 | 2006-03-15 | Daniel Akenine | Method and computer product for proving time and content of data records in a monitored system |
CN100346249C (en) * | 2004-12-31 | 2007-10-31 | 联想(北京)有限公司 | Method for generating digital certificate and applying the generated digital certificate |
US8438645B2 (en) | 2005-04-27 | 2013-05-07 | Microsoft Corporation | Secure clock with grace periods |
US8725646B2 (en) | 2005-04-15 | 2014-05-13 | Microsoft Corporation | Output protection levels |
US20060265758A1 (en) | 2005-05-20 | 2006-11-23 | Microsoft Corporation | Extensible media rights |
EP1927060B1 (en) | 2005-08-09 | 2019-10-09 | Nexsan Technologies Canada Inc. | Data archiving method and system |
JP4455474B2 (en) * | 2005-11-04 | 2010-04-21 | 株式会社東芝 | Time stamp update device and time stamp update program |
US8989390B2 (en) * | 2005-12-12 | 2015-03-24 | Qualcomm Incorporated | Certify and split system and method for replacing cryptographic keys |
WO2007072468A1 (en) | 2005-12-22 | 2007-06-28 | Digiprove Limited | Establishing proof of existence and possession of digital content |
US7757280B2 (en) * | 2006-01-17 | 2010-07-13 | International Business Machines Corporation | Method and system for memory protection and security using credentials |
DE102006019466B4 (en) * | 2006-04-26 | 2009-07-30 | Siemens Ag | Method and system for the tamper-proof establishment of a cryptographic key |
JP4783236B2 (en) * | 2006-08-09 | 2011-09-28 | 株式会社リコー | Image reading apparatus, image information verification apparatus, image reading method, image information verification method, and image reading program |
US20080100874A1 (en) * | 2006-10-25 | 2008-05-01 | Darcy Mayer | Notary document processing and storage system and methods |
US8583917B2 (en) * | 2006-11-30 | 2013-11-12 | Red Hat, Inc. | Distribution of certification statements into repository |
US8135950B2 (en) * | 2007-02-27 | 2012-03-13 | Red Hat, Inc. | Method and apparatus for managing digital certificates |
JP5060222B2 (en) * | 2007-09-11 | 2012-10-31 | 株式会社東芝 | Account management system, base account management device, derivative account management device, and program |
EP2053531B1 (en) * | 2007-10-25 | 2014-07-30 | BlackBerry Limited | Authentication certificate management for access to a wireless communication device |
US20090132813A1 (en) * | 2007-11-08 | 2009-05-21 | Suridx, Inc. | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones |
US9117219B2 (en) * | 2007-12-31 | 2015-08-25 | Peer 39 Inc. | Method and a system for selecting advertising spots |
JP5018494B2 (en) * | 2008-01-16 | 2012-09-05 | ソニー株式会社 | Information processing apparatus, disk, information processing method, and program |
US20100125523A1 (en) * | 2008-11-18 | 2010-05-20 | Peer 39 Inc. | Method and a system for certifying a document for advertisement appropriateness |
US10943030B2 (en) | 2008-12-15 | 2021-03-09 | Ibailbonding.Com | Securable independent electronic document |
US8635442B2 (en) * | 2009-04-28 | 2014-01-21 | Adobe Systems Incorporated | System and method for long-term digital signature verification utilizing light weight digital signatures |
US20100318788A1 (en) * | 2009-06-12 | 2010-12-16 | Alexandro Salvarani | Method of managing secure communications |
US9608826B2 (en) * | 2009-06-29 | 2017-03-28 | Jpmorgan Chase Bank, N.A. | System and method for partner key management |
DE102009031143B3 (en) * | 2009-06-30 | 2010-12-09 | Siemens Aktiengesellschaft | Apparatus and method for creating and validating a digital certificate |
JP5105291B2 (en) | 2009-11-13 | 2012-12-26 | セイコーインスツル株式会社 | Long-term signature server, long-term signature terminal, long-term signature terminal program |
US8621204B2 (en) | 2009-12-23 | 2013-12-31 | Citrix Systems, Inc. | Systems and methods for evaluating and prioritizing responses from multiple OCSP responders |
US20110154026A1 (en) * | 2009-12-23 | 2011-06-23 | Christofer Edstrom | Systems and methods for parallel processing of ocsp requests during ssl handshake |
US8627063B2 (en) * | 2009-12-23 | 2014-01-07 | Citrix Systems, Inc. | Systems and methods for flash crowd control and batching OCSP requests via online certificate status protocol |
US20110179119A1 (en) * | 2010-01-08 | 2011-07-21 | William Bryan Penn | International data memorial.com ("IDM") |
US8499150B1 (en) * | 2010-11-11 | 2013-07-30 | Symantec Corporation | Selectively trusting signed files |
US20120173874A1 (en) * | 2011-01-04 | 2012-07-05 | Qualcomm Incorporated | Method And Apparatus For Protecting Against A Rogue Certificate |
JP2012175552A (en) * | 2011-02-23 | 2012-09-10 | Seiko Instruments Inc | Information processing device and information processing program |
JP5700423B2 (en) | 2011-02-23 | 2015-04-15 | セイコーインスツル株式会社 | Long-term signature terminal, long-term signature server, long-term signature terminal program, and long-term signature server program |
JP5822489B2 (en) * | 2011-03-07 | 2015-11-24 | キヤノン株式会社 | Information processing apparatus and computer program |
JP5786670B2 (en) * | 2011-11-17 | 2015-09-30 | ソニー株式会社 | Information processing apparatus, information storage apparatus, information processing system, information processing method, and program |
US8954732B1 (en) * | 2012-06-27 | 2015-02-10 | Juniper Networks, Inc. | Authenticating third-party programs for platforms |
WO2014001890A1 (en) | 2012-06-28 | 2014-01-03 | Ologn Technologies Ag | Secure key storage systems, methods and apparatuses |
US20140019762A1 (en) * | 2012-07-10 | 2014-01-16 | Digicert, Inc. | Method, Process and System for Digitally Signing an Object |
JP2014053797A (en) * | 2012-09-07 | 2014-03-20 | Toshiba Corp | Device and program for electronic document management |
US9270667B2 (en) * | 2012-11-01 | 2016-02-23 | Microsoft Technology Licensing, Llc | Utilizing X.509 authentication for single sign-on between disparate servers |
EP3082057B1 (en) * | 2013-12-09 | 2020-11-18 | Panasonic Intellectual Property Corporation of America | Authentication method and authentication system |
DE102014102168A1 (en) * | 2014-02-20 | 2015-09-03 | Phoenix Contact Gmbh & Co. Kg | Method and system for creating and validating device certificates |
EP2958265B1 (en) * | 2014-06-16 | 2017-01-11 | Vodafone GmbH | Revocation of a root certificate stored in a device |
GB2531247B (en) * | 2014-10-07 | 2021-10-06 | Arm Ip Ltd | Method, hardware and digital certificate for authentication of connected devices |
US9479338B2 (en) * | 2015-03-17 | 2016-10-25 | Digicert, Inc. | Method and system for certificate discovery and ranking certificate authorities |
US9882727B1 (en) * | 2015-10-02 | 2018-01-30 | Digicert, Inc. | Partitioning certificate revocation lists |
US10038723B2 (en) * | 2015-11-10 | 2018-07-31 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and apparatus for reliable token revocation |
US10447467B2 (en) | 2016-05-04 | 2019-10-15 | International Business Machines Corporation | Revocable PKI signatures |
US11683188B2 (en) * | 2020-10-13 | 2023-06-20 | Google Llc | Representing certificate expiration with time-based intermediate certificate authorities |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5136646A (en) * | 1991-03-08 | 1992-08-04 | Bell Communications Research, Inc. | Digital document time-stamping with catenate certificate |
US5373561A (en) | 1992-12-21 | 1994-12-13 | Bell Communications Research, Inc. | Method of extending the validity of a cryptographic certificate |
CZ11597A3 (en) * | 1994-07-19 | 1997-09-17 | Bankers Trust Co | Method of safe use of digital designation in a commercial coding system |
US5687235A (en) | 1995-10-26 | 1997-11-11 | Novell, Inc. | Certificate revocation performance optimization |
US5745574A (en) | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
US5903651A (en) * | 1996-05-14 | 1999-05-11 | Valicert, Inc. | Apparatus and method for demonstrating and confirming the status of a digital certificates and other data |
US5903882A (en) * | 1996-12-13 | 1999-05-11 | Certco, Llc | Reliance server for electronic transaction system |
US6584565B1 (en) * | 1997-07-15 | 2003-06-24 | Hewlett-Packard Development Company, L.P. | Method and apparatus for long term verification of digital signatures |
US6226743B1 (en) * | 1998-01-22 | 2001-05-01 | Yeda Research And Development Co., Ltd. | Method for authentication item |
US6301658B1 (en) * | 1998-09-09 | 2001-10-09 | Secure Computing Corporation | Method and system for authenticating digital certificates issued by an authentication hierarchy |
AU6097000A (en) * | 1999-07-15 | 2001-02-05 | Frank W Sudia | Certificate revocation notification systems |
US6978364B1 (en) * | 2000-04-12 | 2005-12-20 | Microsoft Corporation | VPN enrollment protocol gateway |
GB0111063D0 (en) * | 2001-05-04 | 2001-06-27 | Abathorn Ltd | Method and apparatus for the creation of a self authenticating |
2000
- 2000-05-16: US application US09/571,859, patent US7047404B1, not active (Expired - Lifetime)
2001
- 2001-05-16: JP application JP2001585441A, patent JP5060009B2, not active (Expired - Lifetime)
- 2001-05-16: AU application AU2001263173A, patent AU2001263173A1, not active (Abandoned)
- 2001-05-16: AT application AT01937435T, patent ATE339817T1, not active (IP Right Cessation)
- 2001-05-16: DE application DE60123048T, patent DE60123048T2, not active (Expired - Lifetime)
- 2001-05-16: EP application EP01937435A, patent EP1287637B1, not active (Expired - Lifetime)
- 2001-05-16: CA application CA2408639A, patent CA2408639C, not active (Expired - Lifetime)
- 2001-05-16: WO application PCT/US2001/015779, patent WO2001089133A2, active (IP Right Grant)
2006
- 2006-03-20: US application US11/384,671, patent US8032744B2, not active (Expired - Fee Related)
Also Published As
Publication number | Publication date |
---|---|
US20060200661A1 (en) | 2006-09-07 |
US7047404B1 (en) | 2006-05-16 |
WO2001089133A2 (en) | 2001-11-22 |
ATE339817T1 (en) | 2006-10-15 |
JP2003533940A (en) | 2003-11-11 |
JP5060009B2 (en) | 2012-10-31 |
WO2001089133A3 (en) | 2002-03-28 |
EP1287637A2 (en) | 2003-03-05 |
DE60123048D1 (en) | 2006-10-26 |
EP1287637B1 (en) | 2006-09-13 |
CA2408639C (en) | 2011-07-19 |
AU2001263173A1 (en) | 2001-11-26 |
US8032744B2 (en) | 2011-10-04 |
DE60123048T2 (en) | 2007-05-03 |
EP1287637A4 (en) | 2004-05-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2408639A1 (en) | | Method and apparatus for self-authenticating digital records |
US5604804A (en) | | Method for certifying public keys in a digital signature scheme |
US5717757A (en) | | Certificate issue lists |
US6301659B1 (en) | | Tree-based certificate revocation system |
US7519824B1 (en) | | Time stamping method employing multiple receipts linked by a nonce |
US5420927A (en) | | Method for certifying public keys in a digital signature scheme |
US7178029B2 (en) | | Method and apparatus for validating a digital signature |
Micali | | Enhanced certificate revocation system |
US7107456B2 (en) | | Packaging evidence for long term validation |
WO2004010271A3 (en) | | System and method for the transmission, storage and retrieval of authenticated documents |
MXPA02005311A (en) | | System and method for electronic storage and retrieval of authenticated original documents. |
ATE329426T1 (en) | | METHOD AND DATA CARRIER FOR REGISTERING USERS OF A PUBLIC KEY INFRASTRUCTURE AND REGISTRATION SYSTEM |
JP2001142398A (en) | | Folder type time certifying system and distributed time certifying system |
Lu et al. | | A new proxy signature scheme with revocation |
US20030115461A1 (en) | | System and method for the signing and authentication of configuration settings using electronic signatures |
JP4631132B2 (en) | | Digital signature validity period extension system, digital signature validity period extension device, and digital signature validity period extension method |
Massias et al. | | Timestamps: Main issues on their use and implementation |
EP4014428A1 (en) | | System and method for electronic signature creation and management for long-term archived documents |
US7490241B1 (en) | | Time stamping method employing user specified time |
NL2028778B1 (en) | | Blockchain electronic contract management system |
US6965998B1 (en) | | Time stamping method using time-based signature key |
CN105681035A (en) | | Security authorization method which solves problem that certificate private key is reused by multiple users |
JP4647918B2 (en) | | Time stamp method |
JP2007027938A (en) | | Signature extension device, system, method and program |
TW202042527A (en) | | Verification and management system for a digital certificate and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | EEER | Examination request | |
 | MKEX | Expiry | Effective date: 20210517 |
 | MKEX | Expiry | Effective date: 20210517 |