logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 9660817 B1

PDFFull Text
Date of Patent:
May. 23, 2017

Filed:

Aug. 01, 2014

Advising clients about certificate authority trust

Applicant:

Microsoft Corporation, Redmond, WA (US);

Inventors:

Anooshiravan Saboori, Seattle, WA (US);

Muhammad Umar Janjua, Bellevue, WA (US);

Nelly Porter, Kirkland, WA (US);

Philip Hallin, Port Townsend, WA (US);

Haitao Li, Sammamish, WA (US);

Xiaohong Su, Sammamish, WA (US);

Kelvin Yiu, Bellevue, WA (US);

Anthony Paul Penta, Bellevue, WA (US);

Vassil Dimitrov Bakalov, Redmond, WA (US);

Bryston Mitsuo Nitta, Redmond, WA (US);

Assignee:

Microsoft Technology Licensing, LLC, Redmond, WA (US);

Attorney:

Cooper Legal Group, LLC

Primary Examiner:

Carl Colin

Assistant Examiner:

Ghodrat Jamshidi

Int. Cl.
CPC ...
H04L 29/06 (2006.01); H04L 9/32 (2006.01);
U.S. Cl.
CPC ...
H04L 9/3268 (2013.01); H04L 9/321 (2013.01); H04L 9/3263 (2013.01); H04L 9/3265 (2013.01); H04L 63/0823 (2013.01);
Abstract

In many information security scenarios, a certificate issued by a certificate authority may be presented to a client in order to assert a trust level of a certificated item, such as a message or a web page. However, due to a decentralized structure and incomplete coordination among certificate authorities, the presence and exploitation of security vulnerabilities to issue untrustworthy certificates may be difficult to determine, particularly for an individual client. Presented herein are techniques for advising clients of the reputations of respective certificate authorities by evaluating the certificates issued by such certificate authorities, such as the number and types of domains certified by the certificate; the number and pattern of certificates issued for the domain; and the certification techniques used to issue the certificates. Such evaluation enables a determination of a certificate authority trust level that may be distributed to the clients in a certificate authority trust set.

Find Patent Forward Citations

Loading…