US 20050114653A1

(19) United States
(12) Patent Application Publication: Sudia
(10) Pub. No.: US 2005/0114653 A1
(43) Pub. Date: May 26, 2005

(54) CERTIFICATE REVOCATION NOTIFICATION SYSTEMS

(76) Inventor: Frank W. Sudia, San Francisco, CA (US)

Correspondence Address:
Patent Group
Choate, Hall & Stewart
Exchange Place
53 State Street
Boston, MA 02109-2804 (US)

(21) Appl. No.: 10/949,713
(22) Filed: Sep. 24, 2004

Related U.S. Application Data

(63) Continuation of application No. 09/617,050, filed on Jul. 14, 2000.
(60) Provisional application No. 60/143,852, filed on Jul. 15, 1999. Provisional application No. 60/147,696, filed on Aug. 6, 1999. Provisional application No. 60/149,315, filed on Aug. 17, 1999. Provisional application No. 60/154,088, filed on Sep. 15, 1999. Provisional application No. 60/168,002, filed on Nov. 30, 1999.

Publication Classification

(51) Int. Cl.7: H04L 9/00
(52) U.S. Cl.: 713/158

(57) ABSTRACT

A revocation notification system for a public key certificate and associated method are provided. At the time of issuance, a CA requests and receives from an independent revocation service provider entity a THV corresponding to an IRV under the sole control of said revocation service provider. It then embeds such THV into the public key certificate and digitally signs the public key certificate with a private key. An entity requests revocation from the revocation service provider. The revocation service provider ceases publication of valid PFI updates for the public key certificate.
[Figure: Application to Secure E-Mail]

CA (CA = Certificate Authority):
Generate and store IRV
Hash forward 365 times
Place THV in certificate
CA publishes "next" value
Can also support: Hourly, 10 Minutes

X.509v3 certificate fields:
CA Name
Serial Number
Subject Name
Subject Public Key
Validity Period
PFI Extension [THV]
Signature

Legend: THV = Terminal Hash Value; PFI = periodic freshness indicator

Signer / Sender (Subscriber):
Sender retrieves PFI value
Places in signature block
Signs and sends message

Delivery or Retrieval: Message or Transaction, Sig-Block, Signature

Relying Party:
Recipient performs no online communication.
Receive and verify signature
Extract PFI from sig block
Hash forward D days
Compare with THV from cert

1 public key operation is equivalent to (approx) 10,000 hash operations.

(c) F. Sudia, 6-28-99
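
The hash-chain check that the figure text describes (hash the IRV forward 365 times to get the THV, release one earlier chain value per period as the PFI, have the recipient hash forward D times and compare with the THV), as an added example that is not part of the patent publication. SHA-256, the one-day period, day numbering starting at 1 and all function names are assumptions of this example; the sample IRV and dates are constructed.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

PERIODS = 365  # chain length in the figure: "Hash forward 365 times"

def hash_forward(value: bytes, n: int) -> bytes:
    """Apply the hash n times (SHA-256 is an assumption of this example)."""
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value

def make_thv(irv: bytes) -> bytes:
    """Issuing side: THV = H^365(IRV), the value embedded in the certificate."""
    return hash_forward(irv, PERIODS)

def pfi_for_period(irv: bytes, d: int) -> bytes:
    """Issuing side: the PFI released for period d is H^(365-d)(IRV)."""
    if not 0 < d <= PERIODS:
        raise ValueError("period outside certificate lifetime")
    return hash_forward(irv, PERIODS - d)

def current_period(not_before: datetime, now: datetime) -> int:
    """Relying party derives D from its own clock, not from the message."""
    return (now - not_before) // timedelta(days=1) + 1

def verify_pfi(pfi: bytes, d: int, thv: bytes) -> bool:
    """Relying party: hash the PFI forward D times, compare with the THV."""
    if not 0 < d <= PERIODS:
        return False
    return hmac.compare_digest(hash_forward(pfi, d), thv)

def demo() -> dict:
    irv = bytes(31) + b"\x01"  # constructed sample; a real IRV is random
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed date
    thv = make_thv(irv)
    day3 = pfi_for_period(irv, 3)
    # Revocation after day 3: no later PFI is published, so the sender can
    # only attach the day-3 value, which no longer reaches the THV on day 4.
    on_day3 = current_period(start, start + timedelta(days=2, hours=5))
    on_day4 = current_period(start, start + timedelta(days=3, hours=5))
    return {"fresh_on_day3": verify_pfi(day3, on_day3, thv),
            "stale_on_day4": verify_pfi(day3, on_day4, thv),
            "forged_value": verify_pfi(bytes(32), on_day3, thv)}

if __name__ == "__main__":
    print(demo())
```

The relying party's only inputs are the certificate, the signature block and its own clock, which is why the figure can state that the recipient performs no online communication.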
Patent Application Publication    May 26, 2005    Sheet 4 of 4    US 2005/0114653 A1