| 发明名称 |
REDUCING LATENCY FOR CERTIFICATE VALIDITY MESSAGES USING PRIVATE CONTENT DELIVERY NETWORKS |
| 摘要 |
Techniques are disclosed for accelerating online certificate status protocol (OCSP) response distribution to relying parties using a content delivery network (CDN). A certificate authority generates updated OCSP responses for OCSP responses cached in the CDN that are about to expire. In addition, the certificate authority pre-generates cache keys in place of CDNs generating the keys. The certificate authority sends the OCSP responses and the cache keys in one transaction, and the CDN, in turn, serves requests for the OCSP responses using the cache keys. For new certificates, a private CDN is pre-populated with an OCSP response for a certificate concurrent with that certificate being issued. Doing so effectively uses the PCDN as an origin server for OCSP responses, reducing CA infrastructure needs. |
| 申请公布号 |
US2015100779(A1) |
申请公布日期 |
2015.04.09 |
| 申请号 |
US201314135277 |
申请日期 |
2013.12.19 |
| 申请人 |
Symantec Corporation |
发明人 |
VELADANDA HARI;CHAI NING;ANDREWS Richard F.;LIU Quentin |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method for reducing response latency for certificate validity messages using a private content delivery network, the method comprising:
generating, by a certificate authority, a digital certificate; generating, for the digital certificate, a certificate validity message; prompting a computing server in a private content delivery network (PCDN) to request the certificate validity message, wherein the PCDN caches content for a plurality of local CDN nodes; and upon receiving a request for the certificate validity message from the PCDN, sending the certificate validity message to the PCDN. |
| 地址 |
Mountain View CA US |
