System and method for safely verifying domain name ownership during years of SSL certificate application

A technology of security verification and verification method, which is applied in the system field of securely verifying domain name ownership when applying for multi-year SSL certificates. Realize the effect of security verification

Active Publication Date: 2022-03-25
TRUSTASIA TECH INC
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0031]Applicants only need to start a web service on the server and listen to port 80 or 443, and reverse proxy the file verification path address to the reverse proxy provided by the certificate or server manufacturer. Proxy address, in order to cooperate with the online review of the CA center, to realize the automation of document verification, but this method is intrusive to online services, and the safety factor is not high, and the new industry norms will also reduce the ability to issue SSL certificates in this way grade
[0032]Compared with DNS verification and file verification, it does not require a certain foundation for building a website, and has a higher safety factor. Email verification has not been automated by any manufacturer so far , according to the notice issued by the CA / B Forum, from December 1, 2021, wildcard SSL certificates will not support file verification domain names. This major change in domain name verification methods will directly cause more certificate applicants to choose email verification. In this way, automating email verification will also become a new demand in the future

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for safely verifying domain name ownership during years of SSL certificate application
  • System and method for safely verifying domain name ownership during years of SSL certificate application
  • System and method for safely verifying domain name ownership during years of SSL certificate application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0094] In this example, the first verification method is given, such as figure 2 As shown, it specifically includes the following steps:

[0095] 1. The applicant submits [domain name to be verified 1] to the order module and selects the DCV method as email verification, and initiates a certificate application;

[0096] 2. The order module stores [domain name to be verified 1] and generates [order number 1] associated with it, and obtains the specified unique email address from the mail service module and returns it to the applicant. In this example, [order number 1] + [ [Random value] is encrypted to obtain [ciphertext unique value] to generate a specified unique email address, and its format is as follows:

[0097] The unique value of ciphertext @dcv.httpsauto.com (agent verification domain name);

[0098] 3. The applicant sets the mailbox used to receive the verification email as the above-mentioned unique email address through the DNS TXT record, and notifies...

Embodiment 2

[0117] In this example, the second verification method is given, such as image 3 As shown, it specifically includes the following steps:

[0118] 1. The applicant submits [domain name to be verified 1] to the order module and selects the DCV method as email verification, and initiates a certificate application;

[0119] 2. The order module stores [domain name to be verified 1] and generates [order number 1] associated with it, and obtains the specified unique email address from the mail service module and returns it to the applicant. In this example, [order number 1] + [ [Random value] is encrypted to obtain [ciphertext unique value] to generate a specified unique email address, and its format is as follows:

[0120] The unique value of ciphertext @dcv.httpsauto.com (agent verification domain name);

[0121] 3. The applicant sets the email address for receiving DCV emails as the specified unique email address through the DNS TXT record, and notifies the above ord...

Embodiment 3

[0138] In this example, the third verification method is given, such as Figure 4 As shown, it specifically includes the following steps:

[0139] 1. The applicant submits [domain name to be verified 1] to the order module and selects the DCV method as email verification, and initiates a certificate application;

[0140] 2. The order module stores [domain name to be verified 1] and generates [order number 1] associated with it, and obtains the specified unique email address from the mail service module and returns it to the applicant. In this example, [order number 1] + [ [Random value] is encrypted to obtain [ciphertext unique value] to generate a specified unique email address, and its format is as follows:

[0141] The unique value of ciphertext @dcv.httpsauto.com (agent verification domain name);

[0142] 3. The applicant will set up any one of the 8 mailboxes used to receive DCV mails to be automatically forwarded, and forward the verification mail from the C...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a system and a method for safely verifying domain name ownership during years of SSL certificate application, and the system comprises an order module which is used for receiving a certificate request of an applicant and agenting the applicant to send an application to a CA mechanism; the mail service module is used for providing an appointed unique mailbox for receiving the verification mail for the applicant and receiving the verification mail sent by the CA; and the automatic verification module is used for automatically analyzing the verification mail received by the verification mail service module. Compared with the prior art, the method has the advantages of automatic verification, simplicity in operation, safety in verification, guarantee of safety of cross-account verification and the like.

Description

technical field [0001] The invention relates to the technical field of digital certificate security verification, in particular to a system and method for securely verifying domain name ownership when applying for a multi-year SSL certificate. Background technique [0002] As a common digital certificate, the SSL certificate is issued by a trusted digital certificate authority CA and is used to establish an encrypted connection between the applicant's browser and the website to protect the security and privacy of data in the communication network. Nowadays, manufacturers of major mainstream browsers will prompt "unsafe or dangerous" for websites without SSL certificates installed, while website browsers with SSL certificates installed will display security signs, indicating that the connection is safe. [0003] When applying for an SSL certificate, an enterprise or individual webmaster must cooperate with a CA review agency to complete DCV (Domain Control Verification) to pr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/40H04L61/4511
CPCH04L9/3268H04L63/18H04L63/0807
Inventor 厚建勇程锦余宁
Owner TRUSTASIA TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap