发明申请
US20120210129A1 METHOD AND APPARATUS FOR EXTERNAL ORGANIZATION PATH LENGTH VALIDATION WITHIN A PUBLIC KEY INFRASTRUCTURE (PKI)
有权
公共关键基础设施(PKI)中外部组织路线长度验证的方法和装置
- 专利标题: METHOD AND APPARATUS FOR EXTERNAL ORGANIZATION PATH LENGTH VALIDATION WITHIN A PUBLIC KEY INFRASTRUCTURE (PKI)
- 专利标题(中): 公共关键基础设施(PKI)中外部组织路线长度验证的方法和装置
-
申请号: US13452408申请日: 2012-04-20
-
公开(公告)号: US20120210129A1公开(公告)日: 2012-08-16
- 发明人: Anthony R. Metke , Donald E. Eastlake, III
- 申请人: Anthony R. Metke , Donald E. Eastlake, III
- 申请人地址: US IL Schaumburg
- 专利权人: MOTOROLA SOLUTIONS, INC.
- 当前专利权人: MOTOROLA SOLUTIONS, INC.
- 当前专利权人地址: US IL Schaumburg
- 主分类号: H04L9/30
- IPC分类号: H04L9/30
摘要:
A method for external organization path length (EOPL) validation is provided. A relying party node of an organization receives an authentication request from a subject node of an external organization. The relying party node then obtains and evaluates certificates from a chain of certificates that link the subject node to a trust anchor of the relying party node wherein, at least one certificate from the chain of certificates comprises an enabled external organization flag (EOF) and/or an external organization path length constraint (EOPLC). The relying party node invalidates authentication of the subject node when the relying party node determines that a total number of enabled EOFs from certificates in the chain of certificates exceeds the lowest EOPLC value from certificates in the chain of certificates.
公开/授权文献
信息查询
