Server authentication using multiple authentication chains
A client seeking to establish a cryptographically-secure channel to a server has an associated public key acceptance policy. The policy specifies a required number of certificates that must be associated with the server's public key, as well as one or more conditions associated with those certi...
Saved in:
Main Authors | , |
---|---|
Format | Patent |
Language | English |
Published |
02.05.2019
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | A client seeking to establish a cryptographically-secure channel to a server has an associated public key acceptance policy. The policy specifies a required number of certificates that must be associated with the server's public key, as well as one or more conditions associated with those certificates, that must be met before the client "accepts" the server's public key. The one or more conditions typically comprise a trust function that must be satisfied before a threshold level of trust of the client is met. A representative public key acceptance policy would be that certificate chains for the public key are valid and non-overlapping with different root CAs, and that some configurable number of those chains be present. The technique may be implemented within the context of an existing client-server SSL/TLS handshake. |
---|---|
Bibliography: | Application Number: US201816219275 |