(Fwd) Key server patent

Stefan Kelm kelm at secorvo.de
Fri Feb 8 03:25:08 EST 2002 

FYI, there's more information at:

<http://patft.uspto.gov/netacgi/nph-
Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1=
'6336186'.WKU.>

------- Forwarded message follows -------
Date sent:      	Wed, 6 Feb 2002 20:44:44 -0800 (PST)
From:           	Len Sassaman <rabbi at quickie.net>
To:             	<pgp-keyserver-folk at flame.org>
Subject:        	Key server patent.

FYI, NAI's newly granted key server policy patent:

http://www.delphion.com/details?pn=US06336186__

------- End of forwarded message -------


A cryptosystem having a Certificate (Key) Server for storing and
maintaining certificate or key information in a certificate database is
described. The Certificate Server allows clients to submit and
retrieve keys from a database based on a set of policy constraints
which are set for one's particular site (e.g., company). Access to the
Certificate Server is maintained by a Certificate Policy Agent, which
makes sure that the policy is enforced for a given site based on the
information supplied during the configuration. During operation, the
Certificate Server responds to client requests to add, search for,
and retrieve certificates. The server accepts or rejects certificates
based on configurable parameters enforced by a Certificate Policy
Agent. When a certificate is submitted to the server, the Certificate
Policy Agent checks to see if it meets the criteria for a given site
based on the settings specified during the configuration. Exemplary
types of checks that the Certificate Policy Agent can enforce include
checking to see if the key has been signed by the appropriate
entities and checking to see if the signatures or User IDs
associated with a key are approved for submission. If the
submission criteria established during the configuration are met, the
key is accepted by the server. If the key being submitted does not
pass the policy requirements, it is rejected and (optionally) a copy is
placed in a "pending bucket" where the key can subsequently be
examined by the system administrator to determine if the key should
be allowed on the server. 



-------------------------------------------------------
Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail kelm at secorvo.de, http://www.secorvo.de
-------------------------------------------------------
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list