| 摘要 |
<P>PROBLEM TO BE SOLVED: To provide a method and a computer program for revoking and updating a token having several encryption, signature and role certificates/private keys contained in the token. <P>SOLUTION: The certificates/private keys in a token 130 are transmitted wrapped by a public key and can be activated only by a private key contained in the token. The activation of any certificate/private key requires the entry of a passphrase by a user 132. All the certificates/private keys contained in the token 130 are stored in an authoritative database 104. When the token is lost, all the certificates/private keys associated with that token are revoked. Further, when new certificates/private keys are issued to the user, these certificates/private keys are encrypted by using the public key of the token 130 and downloaded to that token 130. <P>COPYRIGHT: (C)2003,JPO |
