Title of invention: Non-hierarchical infrastructure for managing twin-security keys of physical persons or of elements (IGCP/PKI)
Abstract: A non-hierarchical infrastructure for managing twin-security keys of physical persons or of elements includes a public key and a private key with a public key certificate. The structure does not include any certification authority distinct from the physical persons or elements, but does include at least one registering authority and its electronic notary server. There is provided at least one registering authority and its electronic notary server for a circle of trust. The registering authority includes local registering agencies. The local registering agency establishes, after face-to-face verification of the identity of the physical person or of the identification of the element, a public key certificate, and a “public key ownership certificate”, which does not contain the public key of the person or of the element but the print thereof, and which is transmitted in a secure manner to the associated electronic notary server for storing in a secure manner.
Publication number: US9397839(B2)  Publication date: 2016.07.19
Application number: US201114007359  Filing date: 2011.09.29
Applicant: NTX RESEARCH SA  Inventors: Thoniel Pascal; Melemedjian Francis
Classification: H04L29/06; H04L9/32; H04L9/08; G06F21/33  Main classification: H04L29/06
Agency: Nath, Goldberg & Meyer  Agent: Nath, Goldberg & Meyer; Meyer Jerald L.
Main claim: 1. A non-hierarchical infrastructure for managing security key pair for physical persons or items, comprising a public key and a private key with a public key certificate that has a unique number, said infrastructure not including any certification authority separate from the physical persons or items, said infrastructure comprising: for each of at least one registration authority, an electronic notary server of said at least one registration authority, wherein, said registration authority and its electronic notary server being provided for a trust circle, said registration authority comprising a plurality of proximity local registration agencies; for each of said proximity local registration agencies, a computer device on which a program is installed, said program being configured for: establishing, for each physical person or item; a public key certificate comprising: first data including: a unique number, a public key of said person or item, an identification of said person or item, an address of the electronic notary server of the registration authority for which the local agency has registered the physical person or item, and a signature of said first data, a public key ownership certificate which is self-sealed, comprising: second data including: the same unique number as the public key certificate; the identity of the physical person or the identification of the element and a representation of the public key thereof; a signature with a private key of the physical person or item associated with said public key, of said second data, or the same unique number as the public key certificate; third data including: the identity of the physical person or the identification of the element, and a representation of the public key thereof, wherein said third data is encrypted with the private key of the physical person or item, according to an atypical use of this key, in order to render said third data opaque but not the unique number, and transmitting securely said public key ownership certificate to the associated electronic notary server which stores it.
Address: Paris FR