发明名称 |
Communications Network Security Certificate Revocation |
摘要 |
The distribution of security certificate revocation information on a communications network is disclosed. An issuer node ( 82 ) of said network periodically generates data representative of base certificate revocation lists (CRLs) ( 10 ). The issuer node ( 82 ) periodically generates data representative of incremental CRLs ( 50 ), the incremental CRL data ( 50 ) including attributes for a current list of revoked certificates and a digital signature of the most-recent base CRL ( 10 ). A relying node ( 86 ) requests current incremental CRL data ( 50 ) from the issuer node ( 82 ). The relying node ( 86 ) reconstructs said most-recent base CRL by iteratively updating the list of revoked certificates present in the previous base CRL data held with the list of revoked certificates held by any intervening incremental CRL data ( 50 ). Additional forms of milestone CRL data ( 60 ) and augmented CRL data ( 70 ) are also disclosed.
|
申请公布号 |
US2008034204(A1) |
申请公布日期 |
2008.02.07 |
申请号 |
US20050597269 |
申请日期 |
2005.05.20 |
申请人 |
LAKSHMINARAYANAN ANANTHARAMAN |
发明人 |
LAKSHMINARAYANAN ANANTHARAMAN |
分类号 |
H04L9/00;H04L9/30;H04L9/32;H04L29/06 |
主分类号 |
H04L9/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|