| 摘要 |
Methods and systems of the present invention allow for dynamic updates of digital certificates, such as X.509 SSL certificates. The updates are available via a subscription, where the subscription is a technical, administrative, and/or financial arrangements between a Subscriber and a Certification Authority or between a Hosting Provider and the Certification Authority, which allow for dynamic, and in some embodiments automatic, updates of the Subscriber's certificate. The Subscriber regularly requests updates from the Certification Authority (pull-type methods and systems) or the Certification Authority updates certificates on Subscriber's servers (push-type methods and systems). The invention anticipates a use of short lifespan certificates, which substantially overcomes the issues connected to revoked certificates. If a certificate was revoked it will shortly expire and the Certification Authority would not update it. Also, if the private key was compromised, the person who obtained the private key would have very limited amount of time to exploit it. The invention adds more protection to the Subscribers and their clients. |
