公开(公告)号：US20240275615A1

公开(公告)日：2024-08-15

申请号：US18642700

申请日：2024-04-22

Applicant: Amazon Technologies, Inc.

Inventor： Michael S. Slaughter ,  Trevoli Ponds-White ,  James Darrin Flanagan ,  Georgy Sebastian

IPC: H04L9/32 ,  H04L9/14

CPC classification number: H04L9/3268 ,  H04L9/14

Abstract: Components of a public certificate authority (CA) generate respective cryptographic assertions during performance of respective tasks of a certificate issuance workflow and a workflow approval component approves/rejects certificate issuance, based upon verification of the cryptographic assertions. For example, a workflow manager may assign tasks of a certificate workflow process to a number of components that process the tasks. The components generate responses and sign the respective responses with keys particular to each component. The workflow manager gathers the cryptographic assertions and sends them to a workflow approval component that validates the assertions, verifies the assertions indicate successful completion of the workflow and approves or rejects certificate issuance.

公开(公告)号：US12101417B1

公开(公告)日：2024-09-24

申请号：US16827563

申请日：2020-03-23

Applicant: Amazon Technologies, Inc.

Inventor： Michael S Slaughter ,  Marcel Andrew Levy ,  Trevoli Ponds-White ,  Derek Bronson ,  Jonathan Kozolchyk ,  Georgy Sebastian ,  Brandonn Gorman ,  Graeme David Baer ,  Israel Galvez ,  Kenneth Lawler

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/40 ,  H04L61/4511

CPC classification number: H04L9/3268 ,  H04L9/321 ,  H04L9/3247 ,  H04L9/3265 ,  H04L61/4511 ,  H04L63/105

Abstract: An interface of a certificate management system acts as a target for management of digital authentication certificates from a group of candidate certificate authorities. Entities make certificate signing requests on behalf of subjects. The requests are received at an interface that appears to the requesting entities as a sole source of the signed certificates. But a certificate management component that processes the requests received by the interface applies a selection technique to select a particular certificate authority from a group of candidate certificate authorities available to sign the certificates. The certificate management component forwards the request to the particular certificate authority, receives back the signed certificate, and responds to the certificate signing request with the signed certificate. Although the certificate signing requests were all made via a same interface, the signed certificates can have different chains of trust. Various criteria may be used for the selection.

公开(公告)号：US12003655B1

公开(公告)日：2024-06-04

申请号：US17544767

申请日：2021-12-07

Applicant: Amazon Technologies, Inc.

Inventor： Michael S. Slaughter ,  Trevoli Ponds-White ,  James Darrin Flanagan ,  Georgy Sebastian

IPC: H04L9/32 ,  H04L9/14

CPC classification number: H04L9/3268 ,  H04L9/14

Abstract: Components of a public certificate authority (CA) generate respective cryptographic assertions during performance of respective tasks of a certificate issuance workflow and a workflow approval component approves/rejects certificate issuance, based upon verification of the cryptographic assertions. For example, a workflow manager may assign tasks of a certificate workflow process to a number of components that process the tasks. The components generate responses and sign the respective responses with keys particular to each component. The workflow manager gathers the cryptographic assertions and sends them to a workflow approval component that validates the assertions, verifies the assertions indicate successful completion of the workflow and approves or rejects certificate issuance.