CA certificate issuance method and system

A technology of CA certificate and signature information, which is applied in the field of reducing the issuance of CA certificates by mistake.

Active Publication Date: 2016-06-15
CHINA INTERNET NETWORK INFORMATION CENTER
View PDF4 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problem of wrongly issuing certificates to malicious users who claim to own a specific domain name but do not actually own a specific domain name, the present invention provides a method and system for reducing wrongly issued CA certificates. Compliance with domain name certificates issued by high-level agencies to reduce the occurrence of wrongly issued domain names

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • CA certificate issuance method and system
  • CA certificate issuance method and system
  • CA certificate issuance method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The present invention is described in further detail below in conjunction with accompanying drawing:

[0025] 1) The user submits the CA certificate application for the example.com domain name to the CA registrar proxy server through the user terminal.

[0026] 2) The CA registrar proxy server reviews the example.com domain name and its information submitted by the user, and submits the verified example.com domain name to the CA to issue the indicator.

[0027] 3) The CA issuing indicator adds the issuing record of the domain name in the form, fills in the field information of the domain name, and notifies the CA registration authority server to sign the domain name.

[0028]

[0029] 4) The CA registration authority server invokes the signature generator to sign the example.com domain name, and returns the signature information eeb15e1270c0ca233e60073250c8ad2531a07dfa to the CA issuance indicator.

[0030] 5) The CA issuance indicator updates the signature informat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a CA certificate issuance method and system. The method comprises: 1) a domain name owner submitting a domain name CA certificate application to a CA registrar proxy server, and if the application is approved, submitting a domain name to a CA issuance indicator; 2) the issuance indicator generating issuance recording for the domain name, then notifying a CA registration authority server to sign the domain name, and returning signature information to the issuance indicator; 3) the issuance indicator updating the issuance recording, and returning successful information to the registrar proxy server; 4) the registrar proxy server sending the signature information to the domain name owner; 5) the domain name owner sending the signature information to a DNS server to be configured to corresponding TXT recording; and 6) the registration authority server querying the TXT recording in the DNS server, issuing a CA certificate to the domain name owner if the domain name signature information exists, or refusing issuing a CA certificate. The CA certificate issuance method and system can reduce wrongly issued domain names.

Description

technical field [0001] The invention relates to a method and a system for reducing wrong issuance of CA certificates, and belongs to the technical field of computer networks. Background technique [0002] CA certificates are usually issued to authorized users. This certificate is usually bound to a specific domain name in order to establish a secure TLS or SSL connection. Since the CA often cannot determine whether a specific user has an association or management relationship with a specific domain name, the CA often issues certificates for specific domain names to some malicious users by mistake, and these domain names do not belong to malicious users. Malicious users usually use some forged or illegal materials to prove that they are the owner of a specific domain name, and the CA organization cannot distinguish whether these materials are forged or illegal, so they mistakenly issue the CA certificate of the specific domain name to those who do not own the specific domain...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L29/06H04L29/12
CPCH04L9/3247H04L9/3263H04L63/0823H04L63/1441H04L63/308H04L61/4511
Inventor 李晓东姚健康孔宁
Owner CHINA INTERNET NETWORK INFORMATION CENTER
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap