Trust information delivery scheme for certificate validation

Description

TECHNICAL FIELD

The invention relates to maintaining security in an electronic network. More particularly, the invention relates to a trust information delivery scheme for certificate validation.

BACKGROUND

The Secure Socket Layer (SSL) protocol (e.g., SSL Protocol Version 3.0) is presently the de facto industry standard for Web security. In fact, because most E-commerce applications are based on the Web, the SSL protocol is built into almost all Web servers and browsers, such as Netscape Enterprise Server, Microsoft Web Server, Netscape Communicator, and Microsoft Internet Explorer (IE).

The SSL protocol uses public key cryptography in conjunction with an X.509 certificate to provide server authentication and, optionally, client authentication. During the authentication process, the server sends its X.509 certificate chain which may or may not contain the root CA certificate who signed the server certificate to the client as part of the handshake messages the client and server exchange at the start of a session. The client validates the server's certificate through a normal certificate verification procedure if it has the server's certificate, it has the certification authority's (CA) certificate that signed the server's certificate, and it has associated trust information.

A common approach for providing the CA certificates and associated trust information to the client is to hard code a certificate database into the client software, such as done in Netscape Communicator and Microsoft IE. In this scheme, certificate management is up to the end users. For example, if a CA certificate is expired, it is the end users' responsibility to perform a new CA certificate rollover. Furthermore, the client hardware needs sufficient storage space to hold the certificate database, which usually ranges from 100K to 400 k. This is typically not a problem in the personal computer environment.

However, the above approach cannot be applied to mass market applications that run on the consumer appliances, such as set-top boxes, hand-held computers, pagers, and cell phones, due to at least any of the following reasons:

- Public CA root certificates, as with substantially all certificates, expire and their lifetime may not fit nicely within the expected shelf-life or lifetime of a consumer product. Thus, a mechanism for securely updating CA root certificates is desirable.
- In the unlikely event that a public CA's private root key is compromised, its root certificate must be revoked. Some trusted entity has to assume responsibility for revoking all compromised CA root certificates. In the personal computer environment, end users can revoke the root certificate by updating the client software if the compromised CA certificate is embedded in the client software. However, updating the software per each expired certificate is not practical in the consumer product environment because, e.g. it is practically impossible to recall all of the devices for participation in the update.
- The typical consumer electronics user is unsophisticated with regard to security and, as such, cannot be expected to participate in the maintenance of the trust knowledge information base. In the consumer device environment, maintenance of the trust knowledge information base must occur transparently to the user and in a secure fashion.
- Most consumer electronic devices have a limited amount of non-volatile flash memory where CA root certificates and associated trust information can be stored. It is important to minimize the usage of this memory space.

Current or Known Solutions

The SSL protocol itself does not specify how the root CA certificate validation should be implemented. Thus, such implementation is very much vendor dependent and proprietary to each vendor. There are very few publications regarding to this issue. Some well-known implementations are Netscape Communicator and Microsoft IE, which are based on a certificate database embedded in the browser software. In March 2001, an IETF draft, the Simple Certificate Validation Protocol (SCVP) regarding such certificate validation was published. The proposed protocol is based on a server that performs certificate validation.

The SCVP scheme uses a simple request-response model, which is briefly described as follows:

Upon receiving a certificate, the client sends a certificate validation request to a server. The request is optionally signed and contains the certificate in question and other parameters, such as extensions, as well as an answer that the client wants the server to provide. Based on the request, the server generates a response, signs it, and returns it to the client.

One advantage of the mechanism provided in this proposal is that it simplifies the client implementation for certificate validation, and it can be used as a general approach for clients to verify received certificates, including server certificates, in SSL. However, the protocol only addresses communications and does not address certificate management at the client endpoint. For example, it is important to provide a mechanism for delivering and updating root certificates that are needed to verify the server's responses, but such mechanism is not addressed in the proposal. The set of root certificates is the initial trust point for such protocol. Without an initial trust point, the certificate validation mechanism is still vulnerable.

Liberate Technologies of San Carlos, Calif. has developed a server-based certificate management mechanism that securely delivers root certificates and associated trust information to clients. With this scheme, the server certificates in SSL can be seamlessly validated. Such scheme fits particularly well into consumer devices and solves the problem of maintaining an initial trust point in the certificate chain, discussed above.

The Liberate mechanism works substantially as follows:

The building block of the scheme is the Root Security Information Object (RSIO), which is a data object that contains the following sets of information:

- A chain of Trusted Information Provider's (software provider, device owner, and Enhanced Service Provider (ESP)) Root Certificates. For the device owner and ESP, the chain only contains the most recent device owner/ESP root certificate.
- A trust table consisting of a set of SHA-1 hash values of the trusted certificates. For each hash value in the table, there is a bit vector describing the operations for which the certificate is trusted, i.e. the trust vector, and a bit vector describing the operations which the certificate is trusted to delegate to other certificates. The table is digitally signed by the subject who provided the object.
- A timestamp indicating the time this object is created.
- The digital signature of the trust table.

The Liberate mechanism typically involves three business entities, e.g. the software provider, a device owner, and an ESP, which forms a hierarchy with the software provider at the top, the device owner in the middle, and the ESP in the bottom. Each of the three entities provides an RSIO that is based on its own requirements. The root certificate of each entity must be submitted to, and verified by, the entity in the next higher level of the hierarchy and included in its RSIO. Thus, the RSIOs also form a hierarchy linked by their root certificates with the software provider RSIO at the top, the device owner RSIO in the middle, and the ESP RSIO at the bottom. Based on the RSIOs, the server constructs a Hierarchical Root Security Information Object (HRSIO) and delivers it to the client during the client boot up time.

The HRSIO contains the following information:

- A chain of software provider Root Certificates.
- A trust table signed by the most recent software provider Root Certificate.
- One or more trust tables signed by trusted device owners and the device owner's Root Certificates.
- A trust table signed by a trusted ESP and the ESP Root Certificate.

The software provider root certificate is stored into the ROM of each client device during the manufacture process. Thus, upon receiving a HRSIO, the client can verify it through a chain of validation.

When a client attempts to initiate an SSL connection to a server, it proceeds through the phases of the SSL handshake. The discussion herein does not attempt to present the SSL protocol in detail, but rather highlights the points at which HRSIO information is used. In the initial phases of the handshake, the server presents its certificate and, optionally, the CA certificate that signed its certificate.

The proposed scheme has a significant advantage over the old scheme because of the following:

- In the RSIO scheme, each hash value in the trust table is computed using the whole certificate information as the input. Consequently, having two certificates with different validity (a field contained in the certificate) results in two different hash values. This property creates an unnecessary failure in the SSL certificate chain validation in a common scenario:

When the client receives a server certificate chain that contains the renewal of an expired root CA certificate and the client trust table only contains the old root CA certificate because the trust table has not been updated yet. In this case, the SSL certificate chain validation fails because the hashes of the two certificates do not match. That means, whenever a certificate expired in the RSIO, the corresponding RSIO provider has to update the certificate in its RSIO and reconstruct a new RSIO and deliver the updated trust table to the client. This actually needs to go through the whole RSIO update procedure.

However, it is a common practice to renew the CA certificate by extending the validity of the old certificate based on the same key pair if it has not been compromised. This practice is to minimize migration problems for the CAs. Thus, in this case, the RSIO update is unnecessary because the old certificate still should be treated as valid even it is expired because the old and the new certificate share the same key. This problem is perfectly solved in the proposed scheme by hashing the public key portion of the certificate during the creation of the trust table.

The client can then determine whether or not to continue the handshake by performing the following checks:

- Verify that the certificate is valid at the current time.
- Hash the server certificate, e.g. using SHA-1, and check to see if it is in the trust table. If so, the handshake can proceed if the trust vector indicates that the certificate is an SSL server certificate. If the hash is in the table, but the SSL server bit is not set in the trust vector, the handshake immediately fails. If the hash is not in the table, proceed to the next check.
- If the CA's Root Certificate was not presented, retrieve it from the Security Service on the server.
- Verify the digital signature on the server certificate, and verify that the signature came from the named CA using the CA's Root Certificate.
- Hash the CA's Root Certificate, and check to see if it is in the trust table.
- Verify that the table entry for the CA's Root Certificate is marked as trusted as a CA for issuing SSL server certificates.

Once all these checks are complete, the client continues the SSL handshake by negotiating a cipher suite and exchanging keys with the server, and then begins transferring encrypted data.

Although the Liberate mechanism solves several problems, such approaches may have one or more of the following disadvantages:

- There are too many dependencies on the software provider. A software company may not be qualified to behave as a CA and perform certificate management. For example, if the software provider's root certificate is compromised then the whole system may be vulnerable.
- There is too much burden for the device owner and ESP. They must go through a series of steps to update their root certificates whenever their root certificates are expired or compromised. For example, the device owner must submit its new root certificate to the software provider and wait for a new RSIO that includes the new root certificate from the software provider. Then, the device owner must reconstruct a RSIO and deliver it to the ESP. The ESP must then reconstruct an RSO and deliver the updated information to the clients.
- Such procedure is complicated. In the reality, the device owner and ESP are often the same party and, thus, the three-level hierarchy is redundant and creates overhead. Further, there are many human interactions involved whenever information in the RSIO must be updated. In such case, the turn around time may be too long.

It would be advantageous to provide a simplified trust information delivery scheme for certificate validation.

SUMMARY

The invention provides a simplified trust information delivery scheme for certificate validation. The presently preferred embodiment of the invention comprises a server based certificate management mechanism that delivers certificates and associated trust information for clients to verify received certificates. Such scheme works effectively with SSL to provide server authentication. Such scheme may also be used for Javascript access control. The scheme especially fits into the consumer device environment.

In the preferred embodiment, a unique TIO based trust information delivery scheme allows clients to verify received certificates and control Javascript access efficiently. This scheme fits into the certificate verification process in SSL to provide a secure connection between a client and a Web server.

In particular, the scheme is well suited for integration into consumer devices that have a limited footprint, such as set-top boxes, cell phones, and handheld computers. In such devices, it is not practical to hardcode a certificate database, which usually ranges from 50K to 400 k in size, into the client memory due to limited amount of storage available in such consumer devices. Using the herein disclosed TIO technique, the size problem is substantially solved. Furthermore, the TIO update scheme allows clients, i.e. consumer devices, to update certificates securely and dynamically.

A key observation in connection with the invention herein is that in general, due to the limited resources such as memory and computing power, consumer devices need server support to browse a network, such as the Internet. The main function of such server is to reformat or transcode Web page contents so that the clients can display the results. Typically, transcoding servers are hosted by device owners, such as cable operators, ISPs, and broadcasters. The invention provides a mechanism by which these entities are the TIO providers that deliver the TIO to their client devices to enable the SSL functionality.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an architectural block schematic diagram of a trust information delivery scheme for certificate validation according to the invention;

FIG. 2 is a flow diagram showing SSL authentication according to the invention;

FIG. 3 is a flow diagram showing Javascript access control according to the invention;

FIG. 4 is a flow diagram showing HTTP update according to the invention in a persistent storage client device;

FIG. 5 is a flow diagram showing broadcast update according to the invention in a persistent storage client device; and

FIG. 6 is a flow diagram showing client device update according to the invention in a device that does not include persistent storage.

DETAILED DESCRIPTION

The presently preferred embodiment of the invention (see FIG. 1) comprises a scheme that allows Trust Information Providers (TIP) 10, e.g. cable operators, ISPs, and OEMs, to deliver certificates with associated trust information to clients 12 for verification of the received certificates. The scheme also allows the TIP to update the certificates and associated trust information sent to clients, and it operates in connection with both flash and non-flash based clients.

A key observation in connection with the invention herein is that in general, due to the limited resources such as memory and computing power, consumer devices need server support to browse a network, such as the Internet. The main function of such server is to reformat or transcode Web page contents so that the clients can display the results. Typically, transcoding servers are hosted by device owners, such as cable operators, ISPs, and broadcasters. The invention provides a mechanism by which these entities are the TIO providers that deliver a trust information object (TIO) 14 to their client devices to enable SSL functionality.

Trust Information Object (TIO)

Conceptually, a Trust Information Object (TIO) is a table of two columns having a timestamp, the number of signatures and, optionally, digital signatures. Each row of the table consists of the hash value of a trust entity certificate, such as Root CA Certificate, and its associated trust information indicating the level of the trust for this entity. Table “A” below illustrates an exemplary structure of the TIO.

TABLE A

TIO Structure

HASH
TRUST VECTOR

Hash (C₁),
TV₁

Hash (C₂)
TV₂

. . .
. . .

Hash (C_N)
TV_N

Number of Signatures

Timestamp

Signatures

TIO Structure

Where:

- C_i—is a trusted entity's certificate, e.g. a CA root certificate or SSL server certificate (for optimal performance, i.e. minimum amount of TIO update and certificate fetching, the hash value can be taken on the certificate excluding the validity and serial number);
- TV_i;—is the trust vector of certificate i;
- Number of Signatures—specifies the number of signatures required for the next update;
- Timestamp—is the date the TIO is created; and
- Signature—is the digital signature of all the data including the

Certificates, the Trust Vectors, the Number of Signatures, and the Timestamp, contained in the TIO.

The preferred hash function can be either MD5 or SHA-1. For maximum security, SHA-1 is presently preferred. The ASN.1 (see Abstract Syntax Notation) definition of the TIO, which follows the PKCS#7 standard (e.g., The Public-Key Cryptography Standards (PKCS), RSA Data Security, Inc., Version 1.5, revised Nov. 1, 1993), and the semantics of each bit in the trust vector (TV) are described in greater detail below. Because the output of the hash function has a fixed length of twenty bytes maximum, i.e. when using SHA-1, and the TV is likely from one to two bytes, the size of the whole table is very small. Thus, the TIO readily fits into consumer devices, such as set-top boxes, cell phones, hand held computers, and pagers. For example, a TIO derived from 50 Root Certificates has the size of around 1 k. Furthermore, with a TIO containing the hash values of the most popular root CA certificates, clients are capable of communicating with the majority of the secure web sites.

At the software development stage, a TIO derived from a set of popular root CA certificates is hard coded into the client software. In this embodiment, where the client, i.e. the consumer device, has flash memory 16, a copy of the TIO is saved in the flash memory during the client build time. The TIO is periodically updated thereafter using a mechanism described below.

SSL Server Authentication

During the SSL handshake (100; see FIG. 2) between the client and the server, the server sends a certificate chain that may or may not contain the root certificate (RC) to the client (102).

The client can validate the server certificate by the following procedure:

- 1. The client hashes the server certificate (104) using SHA-1, assuming that SHA-1 is used in the construction of TIO, and compares the resulting digest against the list of trusted entity certificate thumbprints obtained from the TIO (106). If a match is not found (108), step #2 below is performed. If a match is found (108), the client checks the trust bit vector associated with the certificate to ensure that the authenticated server is trusted in the context of the SSL session being established (110). If the necessary trust capabilities are not set on the matched thumbprint (112), the client fails the SSL handshake (114). Otherwise, the server is deemed authenticated (116), provided that the remaining steps of the SSL handshake protocol are successfully completed.
- 2. In the case where the chain does not contain the RC, the client first retrieves the RC from a trusted server through the normal HTTP operations (118). Without loss of generality, it is assumed that the RC is available in the client. Then the client goes through the normal certificate chain validation up to the root CA (120). Once the entire chain is validated, the client tries to validate the CA RC (122). If the RC is included in the chain (124), then the client hashes the RC and looks up the TIO in the client (126). If the hash value and a corresponding trust bit (which indicates that the CA is trusted to issue SSL server certificates) are found in the TIO 108, 110, 112, then the certificate chain is considered to be valid and the SSL handshake procedure proceeds 116. Otherwise, the certificate chain validation fails and the SSL negotiation stops 114.

CA root certificates have a finite life span and expire from time to time. However, the expiry of a certificate does not imply that the certificate is compromised and no longer can be used. Most CAs generate their new CA certificates using the old key pairs to minimize transition problems. In this situation, the old root certificates can still be trusted. To minimize the amount of CA fetching and TIO update, the hash value in the TIO can be taken by hashing the certificate, excluding the validity and serial number. Doing so, the certificate described in the above SSL authentication process is accepted by the validation mechanism, even when the client receives an expired CA root certificate. This does not create a security hole as long as the TIO provider knows that the CA certificate is still valid.

Access Control

In general, client devices include a set of specific data, saved by the manufacturer or the service provider, that are accessible only to the trusted applications. The update of these pieces of data is typically through Javascript or Java due to the mobility of these languages, although other languages can be used. In one embodiment (see FIG. 3), a designated trust bit with the site certificate in the TIO is used to identify a site that is trusted to perform special operations. When the client executes a Javascript thread (200) it checks the certificate and associated trust information (202). If the trust bit indicates that the site identified by its certificate is trusted for the intended operation (204), then access permission is granted (206). Otherwise, the client rejects the access (208).

Root Certificates Update

A TIO that is hard coded in the client software or saved in the flash memory of the client device provides the trust basis for the client to make SSL connections. As is known, certificates may become invalid from time to time. Thus, a mechanism that allows TIO providers to update the TIO contained in flash memory is necessary. The following discussion describes two different TIO update schemes: one of these schemes is suitable for clients having flash memory, e.g. NVRAM, while the other scheme is useful for clients that do not have any local persistent storage.

Client with Flash/NVRAM

In this case, the client device has a copy of the TIO in flash memory (see FIG. 1). In the preferred embodiment, the TIO is delivered to the client through one of two channels 18, i.e. broadcast or HTTP.

In the case of using HTTP over an SSL channel to deliver the TIO (see FIG. 4), the TIO does not need to be signed. Although it can also optionally be signed. At boot-up time 300, the client connects to the server 302 to ask whether a new TIO is available, and the server sends the new TIO 304 to the client through the normal HTTP if there is a more recent TIO.

In the broadcast situation (see FIG. 5), the TIO must be signed. For the client to verify the signature of the TIO, the signing certificate of the authority, which may be a CA, software provider, or the cable operator, must be delivered to the client before hand. To that end, the cable operator (for example) must send a TIO including the signing certificate to the client through the SSL channel before using the broadcast method 400. The trust information of the signing certificate indicates that this certificate can be trusted for signing the TIO. The update procedure, depending on the mechanism (HTTP or broadcast), is illustrated in the following:

Update Via HTTP

In the case where the client is capable of performing SSL, the client can fetch the TIO from the trusted server through HTTP over SSL, or via HTTPS. Because SSL guarantees the security of the delivery, the new TIO does not need to be signed and thus no signature verification is needed. However, the client must ensure that the root certificate that signed the trusted server certificate is contained in the new TIO and not revocable, as indicated by the trust bit associated with the certificate. This check is performed to guarantee that the system is always recoverable even when a malicious TIO hacks into the client. Otherwise, there is a potential situation that can cause the client device to fail. For example, if the server is compromised and a hacker manages to send a malicious TIO that contains only a malicious root certificate to the client, then the client can never connect to the server again because the SSL server authentication fails. With a root certificate that signed the trusted server certificate that is not revocable, the client can always connect to the server through SSL to fetch a valid TIO and get rid of the malicious TIO. Then the client checks the timestamp that is embedded in the TIO. If it is valid, e.g. later in time than the previous TIO, then the old TIO is replaced with the downloaded TIO. Otherwise, the client rejects the update request.

In the case where the TIO is digitally signed due to the requirement of a security policy or lack of support for SSL, the client verifies the digital signatures of the TIO with the signing certificates along with the TIO sent to the client. Here, multiple signatures may be verified, depending on the number of signatures specified in the TIO. Then the client hashes the signing certificates one by one. If the proper results are found in the TIO and the trust bits indicate that these certificates are trusted for signing TIO, then the TIO proves that it was not tampered with. Finally, the client verifies the timestamp in the same way as mentioned above.

Note that the signing certificates must exist in the TIO in the client before the TIO is signed. Otherwise, the signing certificates cannot be validated. To that end, the TIO providers can either choose CAs whose root certificates are included in the initial TIO embedded in the client to sign the TIO, or they can use an SSL channel to deliver a TIO that contains the signing certificates to the client before signing the TIO.

Update Via Broadcast

In many environments, such as cable television, centralized data can be delivered to end users by broadcast. The biggest advantage of broadcast is its efficiency. To take this advantage, the TIO can be delivered to clients by broadcast. In this case, the TIO must be signed because the broadcast channel is usually not secure. The client can verify the TIO by the same procedure discussed above. The TIO providers deliver a TIO that contains the signing certificate and associated trust information to the client by either including the signing certificate in the initial TIO saved in the client flash, or by sending the TIO to the client through the SSL channel before using the broadcast channel.

Client Without Persistent Storage

In this situation (see FIG. 6), the same TIO update mechanism, e.g. HTTP/HTTPS channel or broadcast, as discussed above can be applied. However, the update must occur on a per session basis because the TIO can only be cached in the device memory, i.e. it is not persistently stored. This means that, at each boot-up time 500, the client must fetch the most recent TIO from the server through the SSL channel 502 and receive any update thereafter from the broadcast channel 504. If a root certificate in the client TIO is compromised or insecure, a software update cannot be avoided. Because the chance of a root CA certificate being insecure is very small (it may not even happen at all at least, there is no such evidence so far after more than five years of CA practice in the industry), the concern for the frequency of the software update can be ignored.

Note that expiration of a root CA certificate does not require updating of the TIO because the expiry of a root certificate only creates robustness problems, but not security implications if the key of the certificate known to be valid. The fact that the TIO update is not needed even when a root CA certificate in the TIO is expired is true only if the renewed CA certificate shares the same public key with the old one. That is, the renewal differs from the old one only by validity. If the renewal changed the key then TIO update is needed. The TIO does not need to be updated when the new CA certificate shares the same key with the old one because of the nature of the public key cryptography. If the new CA certificate shares the same key with the old one, then the server certificate issued by the new CA can be cryptographically verified by the new CA certificate if and only if it can be verified cryptographically by the old CA certificate. That means the new CA certificate plays the same role as the old one in verification of the server certificate.

The only situation that the expiry of root certificates causes a software update is when all the root certificates in the TIO are expired and their corresponding key pairs are changed. This is because the SSL session between the trusted server that provides the TIO and the client cannot be established. However, the chance for this to happen is very small because a new software release is likely to happen before all of the root certificates have expired. Thus, a cable operator (for example) can always choose a CA known to be valid in the TIO to issue its trust server certificate, and the SSL session between the client and the trust server can be established all the time. Once the SSL session between the client and the server is established, the client can fetch the most recent TIO, which contains only the valid root certificates, from the server and updates the old one with the same procedure described above. The new TIO is then cached in the memory for the subsequent SSL session establishments.

ASN.1 Definition of Trust Information Object (TIO)

In the presently preferred embodiment of the invention, when the TIO is signed, it is implemented using the PKCS #7 data format with the SignedData encapsulation format. Table “B” below describes how the SignedData content type is used for this purpose.

TABLE B

Use of the Signed Data Format to Implement the TIO

PKCS #7 Field Name
Description

SignedData.version
The PKCS #7 standard version

shall specify version 1.

SignedData.digestAlgorithms
The digest algorithms -- shall

specify SHA-1 and, optionally,

others.

SignedData.contentInfo.contentType
The type of data being

signed - shall specify Trust-Info,

as defined below

SignedData.contentInfo.content
The data being signed -- shall

contain the DER encoding of

the ASN.1 object TrustInfo, as

defined below

SignedData.certificates
This is the list of root certificate

fingerprints and associated trust

information.

SignedData.crls
Not used (omitted).

SignedData.signerInfos
The version number for the digital

signature format-shall specify

version 1

SignedData.signerInfos.authenticated
Not used (omitted).

Attribute

SignedData.signerInfos.digestEncryp-
The digital signature

tion Algorithm
algorithm - shall specify RSA.

SignedData.signerInfos.encrypted-
The digital signature.

Digest

SignedData.signerInfos.unauthenti-
Not used (omitted).

catedAttrributes

The following is the ASN.1 definition for the Trust Information Object which is DER encoded into the SignedData.contentInfo.content field of the PKCS#7 SignedData object described in Table “B.”

TrustInfoObject ::=SEQUENCE

{
timeStamp
UTCTime

trustInfo
TrustInfo

{

TrustInfo ::= SET OF TrustEntity

timeStamp: The date the TIO is generated. This is a coordinated universal time or Greenwich Mean Time (GMT) value.

TrustEntity ::= SEQUENCE

{

trustAttribute
CAType

thumbPrint
BIT STRING

}

trustAttribute: The trust information associated with an entity represented by its certificate.

thumbPrint: The SHA-1 hash of the public key embedded in the certificate that represents a trusted entity.

CAType ::= BIT STRING

{

TIOCA (0),-- CA trusted to sign the TIO. This bit is used in the

verification of a signed TIO. The client checks whether this particular bit

in the trust vector is turned on when the TIO signing certificate hash is

found in the TIO --

SslClientCA (1),-- CA trusted to issue certs for SSL clients. This

bit is used to authenticate server certificates in SSL. The client checks

whether this particular bit in the trust vector associated with the root CA

certificate that signed the SSL server certificate is turned on --

SslServerCA (2),-- CA trusted to issue certs for SSL servers --

SslServerCert (3)-- SSL server certificate, this bit indicates whether

a received server certificate in SSL can be trusted as a SSL server

certificate --

appSwPubCA (4), -- CA trusted to issue certificates for Application

Software Publishers. This bit is used for software update. When a new

version of software, either signed or from a secure server (SSL server),

delivered to the client, the client checks this bit to see whether the

associated certificate is trusted for the intended access. --

privAppCA (5) -- CA trusted to issue certificates for Privileged

Application Provider. This bit is for Java and/or Javascript access control.

If this bit is turned on for a root CA certificate then any downloaded

applications, signed or over SSL, whose associated certificates are signed

by this CA are qualified to perform pre-defined privileged operations. --

}

Note that the trust bits can be added or removed depending on the requirements. For example, a TIO provider may use a few bits to support multiple levels of Javascript/Java access control. In this case, each bit identifies a privilege level. The presently preferred embodiment of the invention uses only one bit, namely privAppCA for this purpose.

Although the invention is described herein with reference to the preferred embodiment, one skilled in the art will readily appreciate that other applications may be substituted for those set forth herein without departing from the spirit and scope of the present invention. Accordingly, the invention should only be limited by the Claims included below.

Claims

1. A method comprising: receiving, from a computing device, an unverified root certificate, wherein the unverified root certificate is for certifying the computing device;hashing a public key portion of the unverified root certificate to generate a digest;certifying the computing device responsive to the digest matching one of a first plurality of previously stored hash values;receiving a trust information object comprising a second plurality of hash values and a plurality of trust vectors; andoverwriting the first plurality of previously stored hash values and a plurality of previously stored trust vectors with the second plurality of hash values and the plurality of trust vectors, respectively.
2. The method of claim 1, wherein the unverified root certificate comprises a signing certificate associated with one of a certificate authority, a software provider, and a content provider.
3. The method of claim 1, wherein the hashing is performed via an MD5 or SHA-1 algorithm.
4. The method of claim 1, wherein the first plurality of previously stored hash values is associated with an earlier timestamp than the second plurality of hash values.
5. The method of claim 1, further comprising: determining that the computing device is trusted for a secure connection by examining a bit of one of the plurality of previously stored trust vectors; andestablishing the secure connection.
6. The method of claim 1, further comprising: receiving information related to a number of signatures required for a next update of the second plurality of hash values.
7. A method comprising: receiving, from a computing device, a certificate chain comprising a plurality of unverified certificates, wherein the plurality of unverified certificates comprises a first unverified certificate of a certificate authority issuing the plurality of unverified certificates;hashing the first unverified certificate to generate a digest;certifying the computing device responsive to the digest matching one of a first plurality of previously stored hash values;starting a session with the computing device;receiving a second plurality of hash values and a plurality of trust vectors; andoverwriting the first plurality of previously stored hash values and a plurality of previously stored trust vectors with the second plurality of hash values and the plurality of trust vectors, respectively.
8. The method of claim 7, wherein the receiving the second plurality of hash values and the plurality of trust vectors comprises receiving the second plurality of hash values and the plurality of trust vectors via a secure transmission channel.
9. The method of claim 7, wherein the certificate chain comprises a signing certificate associated with one of the certificate authority, a software provider, and a content provider.
10. The method of claim 7, wherein the hashing is performed via an MD5 or SHA-1 algorithm.
11. The method of claim 7, wherein the first plurality of previously stored hash values is associated with an earlier timestamp than the second plurality of hash values.
12. The method of claim 7, further comprising: determining that the computing device is trusted for a secure connection by examining a bit of one of the plurality of previously stored trust vectors; andestablishing the secure connection.
13. The method of claim 7, further comprising: receiving information related to a number of signatures required for a next update of the second plurality of hash values.
14. A method comprising: receiving, from a computing device, a first trust information object comprising at least a plurality of hash values, each hash value being hashed from a trusted entity certificate, and a plurality of trust vectors, each trust vector corresponding to one of the plurality of hash values, the trust vectors indicative of a level of trust associated with a particular trusted entity certificate;receiving, from the computing device, an unverified root certificate, wherein the unverified root certificate is for certifying the computing device;hashing a public key portion of the unverified root certificate to generate a digest;determining that the digest matches one of a first plurality of previously stored hash values;starting a session with the computing device;receiving a second trust information object; andoverwriting the first trust information object with the second trust information object.
15. The method of claim 14, wherein the unverified root certificate comprises a signing certificate associated with one of a certificate authority, a software provider, and a content provider.
16. The method of claim 14, wherein the hashing is performed via an MD5 or SHA-1 algorithm.
17. The method of claim 14, wherein the first trust information object is associated with an earlier timestamp than the second trust information object.
18. The method of claim 15, further comprising: determining that the computing device is trusted for a secure connection by examining a bit of a previously stored trust vector associated with the digest; andestablishing the secure connection.
19. The method of claim 14, further comprising: receiving information related to a number of signatures required for a next update of the second trust information object.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation application of U.S. patent application Ser. No. 13/863,507 filed Apr. 16, 2013, and entitled “Trust Information Delivery Scheme for Certificate Validation”, which is a continuation application of U.S. patent application Ser. No. 13/248,744 filed Sep. 29, 2011, which issued Apr. 30, 2013, as U.S. Pat. No. 8,433,898, and entitled “Trust Information Delivery Scheme for Certificate Validation,” which is a continuation application of U.S. patent application Ser. No. 12/427,455 filed Apr. 21, 2009, which issued Dec. 13, 2011, as U.S. Pat. No. 8,078,866, and entitled “Trust Information Delivery Scheme for Certificate Validation,” which is a divisional application of U.S. patent application Ser. No. 10/057,066 filed Jan. 25, 2002, which issued May 19, 2009, as U.S. Pat. No. 7,536,544, and is entitled “Trust Information Delivery Scheme for Certificate Validation,” the entire disclosures of which are hereby incorporated by reference.

US Referenced Citations (229)

Number	Name	Date	Kind
4035835	Poetsch	Jul 1977	A
4589013	Vlahos et al.	May 1986	A
4694329	Belmares-Sarabia et al.	Sep 1987	A
4697209	Kiewit et al.	Sep 1987	A
4868557	Perlman	Sep 1989	A
4868877	Fischer	Sep 1989	A
4888801	Foster et al.	Dec 1989	A
4893114	Ishii	Jan 1990	A
5001697	Torres	Mar 1991	A
5005011	Perlman et al.	Apr 1991	A
5009363	Zavatone	Apr 1991	A
5043714	Perlman	Aug 1991	A
5065143	Greaves et al.	Nov 1991	A
5065231	Greaves et al.	Nov 1991	A
5097257	Clough et al.	Mar 1992	A
5117074	Yanai et al.	May 1992	A
5119074	Greaves et al.	Jun 1992	A
5130800	Johnson et al.	Jul 1992	A
5155847	Kirouac et al.	Oct 1992	A
5202828	Vertelney et al.	Apr 1993	A
5204947	Bernstein et al.	Apr 1993	A
5206951	Khoyi et al.	Apr 1993	A
5224163	Gasser et al.	Jun 1993	A
5307173	Yuen et al.	Apr 1994	A
5321750	Nadan	Jun 1994	A
5321806	Meinerth et al.	Jun 1994	A
5347622	Takemoto et al.	Sep 1994	A
5347632	Filepp et al.	Sep 1994	A
5365360	Torres	Nov 1994	A
5367316	Ikezaki	Nov 1994	A
5373561	Haber et al.	Dec 1994	A
5390295	Bates et al.	Feb 1995	A
5436673	Bachmann et al.	Jul 1995	A
5444861	Adamec et al.	Aug 1995	A
5453779	Dan et al.	Sep 1995	A
5471577	Lightbody et al.	Nov 1995	A
5481294	Thomas et al.	Jan 1996	A
5495610	Shing et al.	Feb 1996	A
5497422	Tysen et al.	Mar 1996	A
5530865	Owens et al.	Jun 1996	A
5532732	Yuen et al.	Jul 1996	A
5541638	Story	Jul 1996	A
5546525	Wolf et al.	Aug 1996	A
5548702	Li et al.	Aug 1996	A
5553123	Chan et al.	Sep 1996	A
5558339	Perlman	Sep 1996	A
5572643	Judson	Nov 1996	A
5581686	Koppolu et al.	Dec 1996	A
5583560	Florin et al.	Dec 1996	A
5584025	Keithley et al.	Dec 1996	A
5585858	Harper et al.	Dec 1996	A
5586257	Perlman	Dec 1996	A
5594509	Florin et al.	Jan 1997	A
5600364	Hendricks et al.	Feb 1997	A
5621456	Florin et al.	Apr 1997	A
5621797	Rosen	Apr 1997	A
5624316	Roskowski et al.	Apr 1997	A
5634051	Thomson	May 1997	A
5636209	Perlman	Jun 1997	A
5638523	Mullet et al.	Jun 1997	A
5642419	Rosen	Jun 1997	A
5654748	Matthews, III	Aug 1997	A
5657378	Haddock et al.	Aug 1997	A
5659616	Sudia	Aug 1997	A
5671445	Gluyas et al.	Sep 1997	A
5680458	Spelman et al.	Oct 1997	A
5701451	Rogers et al.	Dec 1997	A
5703995	Willbanks	Dec 1997	A
5708845	Wistendahl et al.	Jan 1998	A
5717757	Micali	Feb 1998	A
5717939	Bricklin et al.	Feb 1998	A
5724567	Rose et al.	Mar 1998	A
5727129	Barrett et al.	Mar 1998	A
5734853	Hendricks et al.	Mar 1998	A
5737599	Rowe et al.	Apr 1998	A
5740549	Reilly et al.	Apr 1998	A
5745109	Nakano et al.	Apr 1998	A
5745574	Muftic	Apr 1998	A
5747757	Van Zeeland et al.	May 1998	A
5752042	Cole et al.	May 1998	A
5752045	Chen	May 1998	A
5754178	Johnston, Jr. et al.	May 1998	A
5754938	Herz et al.	May 1998	A
5754939	Herz et al.	May 1998	A
5757920	Misra et al.	May 1998	A
5758111	Shiratori et al.	May 1998	A
5760549	Kobayashi	Jun 1998	A
5761306	Lewis	Jun 1998	A
5761662	Dasan	Jun 1998	A
5764992	Kullick et al.	Jun 1998	A
5764993	Shindo	Jun 1998	A
5768389	Ishii	Jun 1998	A
5774540	Davidson et al.	Jun 1998	A
5774664	Hidary et al.	Jun 1998	A
5781228	Sposato	Jul 1998	A
5784058	LaStrange et al.	Jul 1998	A
5784463	Chen et al.	Jul 1998	A
5787172	Arnold	Jul 1998	A
5787182	Hoshino et al.	Jul 1998	A
5790796	Sadowsky	Aug 1998	A
5796840	Davis	Aug 1998	A
5796841	Cordery et al.	Aug 1998	A
5801787	Schein et al.	Sep 1998	A
5802284	Karlton et al.	Sep 1998	A
5808628	Hinson et al.	Sep 1998	A
5809242	Shaw et al.	Sep 1998	A
5809287	Stupek, Jr. et al.	Sep 1998	A
5815679	Liu	Sep 1998	A
5818441	Throckmorton et al.	Oct 1998	A
5828837	Eikeland	Oct 1998	A
5832223	Hara et al.	Nov 1998	A
5835919	Stern et al.	Nov 1998	A
5838775	Montalbano	Nov 1998	A
5841896	Tsuchiya	Nov 1998	A
5841978	Rhoads	Nov 1998	A
5848352	Dougherty et al.	Dec 1998	A
5848396	Gerace	Dec 1998	A
5850232	Engstrom et al.	Dec 1998	A
5852665	Gressel et al.	Dec 1998	A
5852673	Young	Dec 1998	A
5859969	Oki et al.	Jan 1999	A
5861871	Venable	Jan 1999	A
5862325	Reed et al.	Jan 1999	A
5867166	Myhrvold et al.	Feb 1999	A
5870559	Leshem et al.	Feb 1999	A
5870759	Bauer et al.	Feb 1999	A
5870765	Bauer et al.	Feb 1999	A
5874967	West et al.	Feb 1999	A
5877741	Chee et al.	Mar 1999	A
5887243	Harvey et al.	Mar 1999	A
5892536	Logan et al.	Apr 1999	A
5907315	Vlahos et al.	May 1999	A
5907322	Kelly et al.	May 1999	A
5913040	Rakavy et al.	Jun 1999	A
5919849	Memon et al.	Jul 1999	A
5923379	Patterson	Jul 1999	A
5926624	Katz et al.	Jul 1999	A
5929849	Kikinis	Jul 1999	A
5933811	Angles et al.	Aug 1999	A
5936606	Lie	Aug 1999	A
5946664	Ebisawa	Aug 1999	A
5948061	Merriman et al.	Sep 1999	A
5949432	Gough et al.	Sep 1999	A
5956404	Schneier et al.	Sep 1999	A
5959623	van Hoff et al.	Sep 1999	A
5974461	Goldman et al.	Oct 1999	A
5977960	Nally et al.	Nov 1999	A
5982445	Eyer et al.	Nov 1999	A
5982898	Hsu et al.	Nov 1999	A
5991542	Han et al.	Nov 1999	A
5991799	Yen et al.	Nov 1999	A
6005574	Herrod	Dec 1999	A
6006034	Heath et al.	Dec 1999	A
6006257	Slezak	Dec 1999	A
6009274	Fletcher et al.	Dec 1999	A
6009363	Beckert et al.	Dec 1999	A
6018768	Ullman et al.	Jan 2000	A
6026467	Petty	Feb 2000	A
6028583	Hamburg	Feb 2000	A
6028600	Rosin et al.	Feb 2000	A
6028853	Haartsen	Feb 2000	A
6034689	White et al.	Mar 2000	A
6044403	Gerszberg et al.	Mar 2000	A
6046835	Yamawaki et al.	Apr 2000	A
6047269	Biffar	Apr 2000	A
6049628	Chen et al.	Apr 2000	A
6049671	Slivka et al.	Apr 2000	A
6049835	Gagnon	Apr 2000	A
6058430	Kaplan	May 2000	A
6061058	Owens et al.	May 2000	A
6064375	Velez et al.	May 2000	A
6064376	Berezowski et al.	May 2000	A
6072489	Gough et al.	Jun 2000	A
6073119	Bornemisza-Wahr et al.	Jun 2000	A
6073199	Cohen et al.	Jun 2000	A
6073241	Rosenberg et al.	Jun 2000	A
6094485	Weinstein et al.	Jul 2000	A
6104727	Moura et al.	Aug 2000	A
6108014	Dye	Aug 2000	A
6199204	Donohue	Mar 2001	B1
6202207	Donohue	Mar 2001	B1
6205485	Kikinis	Mar 2001	B1
6240555	Shoff et al.	May 2001	B1
6263501	Schein et al.	Jul 2001	B1
6285985	Horstmann	Sep 2001	B1
6304974	Samar	Oct 2001	B1
6305020	Hoarty et al.	Oct 2001	B1
6313854	Gibson	Nov 2001	B1
6326969	Helman et al.	Dec 2001	B1
6326970	Mott et al.	Dec 2001	B1
6341373	Shaw	Jan 2002	B1
6351745	Itakura et al.	Feb 2002	B1
6367012	Atkinson et al.	Apr 2002	B1
6367080	Enomoto et al.	Apr 2002	B1
6381741	Shaw	Apr 2002	B1
6400371	Helman et al.	Jun 2002	B1
6418556	Bennington et al.	Jul 2002	B1
6459427	Mao et al.	Oct 2002	B1
6487658	Micali	Nov 2002	B1
6510557	Thrift	Jan 2003	B1
6539480	Drews	Mar 2003	B1
6604242	Weinstein et al.	Aug 2003	B1
6668278	Yen et al.	Dec 2003	B1
6816900	Vogel et al.	Nov 2004	B1
6842863	Fox et al.	Jan 2005	B1
6970862	Kwan	Nov 2005	B2
7072948	Yen et al.	Jul 2006	B2
7477832	Young et al.	Jan 2009	B2
7536544	Xiao	May 2009	B2
7631188	Valente	Dec 2009	B2
8078866	Xiao	Dec 2011	B2
8433898	Xiao	Apr 2013	B2
8935525	Xiao	Jan 2015	B2
20010001160	Shoff et al.	May 2001	A1
20020007493	Butler et al.	Jan 2002	A1
20020026634	Shaw	Feb 2002	A1
20020078347	Hericourt et al.	Jun 2002	A1
20020144149	Hanna et al.	Oct 2002	A1
20020147905	Perlman	Oct 2002	A1
20020152382	Xiao	Oct 2002	A1
20040133655	Yen et al.	Jul 2004	A1
20040148636	Weinstein et al.	Jul 2004	A1
20040172661	Yagawa et al.	Sep 2004	A1
20050015815	Shoff et al.	Jan 2005	A1
20060069913	Valente	Mar 2006	A1
20090222574	Xiao	Sep 2009	A1
20120023328	Xiao	Jan 2012	A1
20130019260	Weinstein et al.	Jan 2013	A1
20130283042	Xiao	Oct 2013	A1

Foreign Referenced Citations (3)

Number	Date	Country
9414284	Jun 1994	WO
9828698	Jul 1998	WO
0077974	Dec 2000	WO

Non-Patent Literature Citations (25)

Entry
Freier, Alan 0. et al., “The SSL Protocol Version 3.0,” Mar. 1996, pp. 1-52, Netscape.
Kaliski, Burton S., “A Layman's Guide to a Subset of ASN.1, BER and DER,” Nov. 1, 1993, pp. 1-38, RSA Laboratories.
Malpani, Am Barish et al., “Simple Certificate Validation Protocol (SCVP),” Jul. 2001, pp. 1-23.
PKCS #7: Cryptographic Message Syntax Standard, Nov. 1993, pp. 1-29, RSA Laboratories.
U.S. Appl. No. 09/330,274, filed Jun. 11, 1999.
Bussey HE et al: “Service Architecture, Prototype Description, and Network Implications of a Personalized Information Grazing Service” Multiple Facets of Integration, San Francisco, Jun. 3-7, 1990, Institute of Electrical and Electronic Engineers pp. 1 046-1 053, XPOOO 164339 see whole document.
Lang K: “NewsWeeder: learning to filter news” Machine Learning. Proceedings of the Twelfth International Conference on Machine Learning, Tahoe City, CA, USA, Jul. 9-12, 1995, San Francisco, CA. USA. Morgan Kaufmann Publishers, USA. pp. 331-339, XP002046557 see whole document.
Rosenfeld L B, et al: “Automatic Filtering of Internet Postings” Online. vol. 18, No. 3, May 1994, pp. 27-30, XP000616769 see whole document.
60047809—filing—date.pdf, New Provisional Patent Application Cover Sheet dated May 16, 1997 for U.S. Appl. No. 60/047,809.
K. L. Alexandrini, “A Look at Computer Graphics,” Computer Teaching, pp. 23-25 (Feb. 1985) (abstract only).
Wyle M. F., “A Wide Area Network Information Filter” Proceedings International Conference Artificial Intelligence on Wall Street, Oct. 9, 1991, pp. 10-15, XP000534152 see the whole document.
Yan T. W., et al.: “Sift-A Tool for Wide-Area Information Dissemination” Usenix Technical Confeence, Jan. 16, 1995, pp. 177-186, XP000617276 see the whole document.
“Laura Lemay, ““Microsoft FrontPage 97”” 2nd Edition, Sams. net Publishing, pp. 267-281, Jan. 1997.”
“Hauptmann & Wasel, ““On-line Maintenance with On-the-fly Software Replacement,”” Proceedings of IEEE Third International Conference on Configurable Distributed Systems, May 6-8, 1996, pp. 70-80.”
“Segal & Frieder, ““On-The-Fly Program Modification: Systems for Dynamic Updating,”” IEEE Software, Mar. 1993, pp. 53-65.”
“Frieder et al. Dynamically Updating Distributed Software: Supporting Change in Uncertain and Mistrustful Environments. IEEE. pp. 254-261. Jan. 1989.”
User and Installation Guide from JVC. Page 3, found at <http://www.jvc-america.com/digital—satellites/ds—systems. html>, Mar. 18, 1998.
Dish Network: “The Integrated Satellite TV Receiver & Digital VHS Recorder System” from JVC and DISH Network, 1997, p. 2.
Bruce Schneier: “Applied Cryptography,” 2nd Edition, John Wiley & Sons, Oct. 1995, pp. 185-187, 574-576.
Ellerman, Castedo, “Channel Definition Format (CDF)”, Mar. 9, 1997, W3C.
Kindel, Charlie et al., “Inserting Objects into HTML”, Feb. 18, 1997, W3C.
Maloney, Murray, “Implementing HTML Frames”, Mar. 31, 1997, W3C.
Zigmond, D., “Uniform Resource Locators for Television Broadcasts”, Jun. 1997, IETF.
Zigmond, D., “Uniform Resource Locators for Television and Telephony”, published Nov. 4, 1996.
“Dish Network: ““What America Demands: Lower Cost, More Choice, Greater Value . . . ”” From JVC/DISH Network Advantage.” Filed in U.S. Appl. No. 09/080,577 before Apr. 30, 2002.

Related Publications (1)

	Number	Date	Country
	20150100786 A1	Apr 2015	US

Divisions (1)

	Number	Date	Country
Parent	10057066	Jan 2002	US
Child	12427455		US

Continuations (3)

	Number	Date	Country
Parent	13863507	Apr 2013	US
Child	14570417		US
Parent	13248744	Sep 2011	US
Child	13863507		US
Parent	12427455	Apr 2009	US
Child	13248744		US

Trust information delivery scheme for certificate validation

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Disclaimer

Abstract