Method and system for issuing CA certificate

A technology of CA certificate and signature information, which is applied in the field of reducing the issuance of CA certificate errors, and can solve problems such as certificate error issuance to malicious users

Active Publication Date: 2019-01-04
CHINA INTERNET NETWORK INFORMATION CENTER
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problem of wrongly issuing certificates to malicious users who claim to own a specific domain name but do not actually own a specific domain name, the present invention provides a method and system for reducing wrongly issued CA certificates. Compliance with domain name certificates issued by high-level agencies to reduce the occurrence of wrongly issued domain names

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for issuing CA certificate
  • Method and system for issuing CA certificate
  • Method and system for issuing CA certificate

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The present invention is described in further detail below in conjunction with accompanying drawing:

[0025] 1) The user submits the CA certificate application for the example.com domain name to the CA registrar proxy server through the user terminal.

[0026] 2) The CA registrar proxy server reviews the example.com domain name and its information submitted by the user, and submits the verified example.com domain name to the CA to issue the indicator.

[0027] 3) The CA issuing indicator adds the issuing record of the domain name in the form, fills in the field information of the domain name, and notifies the CA registration authority server to sign the domain name.

[0028]

[0029] 4) The CA registration authority server invokes the signature generator to sign the example.com domain name, and returns the signature information eeb15e1270c0ca233e60073250c8ad2531a07dfa to the CA issuance indicator.

[0030] 5) The CA issuance indicator updates the signature informat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a system for issuing a CA certificate. This method is as follows: 1) The domain name owner submits the CA certificate application for the domain name to the CA registrar proxy server; if the audit is passed, the domain name is submitted to the CA issuing indicator; 2) After the issuing indicator generates an issuing record for the domain name Notify the CA registration authority server to sign the domain name, and return the signature information to the issuing indicator; 3) The issuing indicator updates the issuing record and returns success information to the registrar proxy server; 4) The registrar proxy server sends the signature information to The domain name owner; 5) The domain name owner sends the signature information to the DNS server to configure the corresponding TXT record; 6) The registrar server queries the DNS server for the TXT record of the domain name, and if there is the domain name signature information, the CA The certificate is issued to the domain name owner; otherwise, the CA certificate is refused. The present invention can reduce the occurrence of wrongly issued domain names.

Description

technical field [0001] The invention relates to a method and a system for reducing wrong issuance of CA certificates, and belongs to the technical field of computer networks. Background technique [0002] CA certificates are usually issued to authorized users. This certificate is usually bound to a specific domain name in order to establish a secure TLS or SSL connection. Since the CA often cannot determine whether a specific user has an association or management relationship with a specific domain name, the CA often issues certificates for specific domain names to some malicious users by mistake, and these domain names do not belong to malicious users. Malicious users usually use some forged or illegal materials to prove that they are the owner of a specific domain name, and the CA organization cannot distinguish whether these materials are forged or illegal, so they mistakenly issue the CA certificate of the specific domain name to those who do not own the specific domain...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06H04L29/12
CPCH04L9/3247H04L9/3263H04L63/0823H04L63/1441H04L63/308H04L61/4511
Inventor 李晓东姚健康孔宁
Owner CHINA INTERNET NETWORK INFORMATION CENTER
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap