Abstract
PROBLEM TO BE SOLVED: To provide a secret key transmission device and method by which a user can easily acquire and identify the corresponding secret key even when the secret key for a certificate cannot be found locally.

SOLUTION: A certificate user uses a client terminal 30 to request an authentication agency 10 to issue a certificate (x01). The authentication agency 10 issues an X.509 certificate based on the information of the certificate user (x02). The certificate user transmits a certificate/secret key PKCS#12 file to a storage agency 20 together with a secret key storage request (x03). The storage agency 20 stores the received PKCS#12 file in cross-reference with the user. When the certificate user wishes to extract the secret key from the storage agency 20, the certificate user transmits a secret key extraction request, with an expiration date designated in it, to the storage agency 20 (x05). The storage agency 20 then refers to a collation table 216 to extract the certificate/secret key PKCS#12 file that is most likely to be valid at that time and transmits the file to the certificate user (x06). The certificate user receives the certificate/secret key PKCS#12 file transmitted from the storage agency 20 and identifies the desired secret key.