摘要 |
<p>A method in which only a legitimate party can receive a certificate securely from a certificate service provider (100) as the result of a consumer delivering a certificate receiving permit to a store device (300), i.e. the other party of a transaction and a method in which a consumer entrusts the certificate service provider (100) to issue a certificate and store the issued certificate by delivering a certificate acquisition permit to the provider are disclosed. In response to a certificate acquisition permit issue request (510) from a store device (300), a consumer card device (200) sends a certificate acquisition permit issue response (520) including a certificate receiving permit and a certificate acquisition permit containing the certificate name to the store device (300), i.e. the other party of a transaction. The store device (300) sends a certificate acquisition request (530) including the certificate receiving permit and the certificate acquisition permit to the certificate service provider device (100). The certificate service provider device (100), which may hold a corresponding certificate, encrypts it by the store public key and sends it to the store device (300). The corresponding certificate, if not available, is acquired from a certificate issuing organization device (400). The certificate service provider device (100) adds the acquired certificate to a certificate data base and sends it to the store device (300) as a certificate acquisition response (540). The store device thus can acquire the certificate required for the transaction and can carry out the transaction. <IMAGE></p> |