CA2477026A1 - System and method for enabling bulk retrieval of certificates - Google Patents

System and method for enabling bulk retrieval of certificates Download PDF

Info

Publication number
CA2477026A1
CA2477026A1 CA002477026A CA2477026A CA2477026A1 CA 2477026 A1 CA2477026 A1 CA 2477026A1 CA 002477026 A CA002477026 A CA 002477026A CA 2477026 A CA2477026 A CA 2477026A CA 2477026 A1 CA2477026 A1 CA 2477026A1
Authority
CA
Canada
Prior art keywords
certificates
computing device
certificate
search
certificate server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002477026A
Other languages
French (fr)
Other versions
CA2477026C (en
Inventor
Michael S. Brown
Neil P. Adams
David F. Tapuska
Herbert A. Little
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BlackBerry Ltd
Original Assignee
Research in Motion Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Research in Motion Ltd filed Critical Research in Motion Ltd
Priority to CA2477026A priority Critical patent/CA2477026C/en
Publication of CA2477026A1 publication Critical patent/CA2477026A1/en
Application granted granted Critical
Publication of CA2477026C publication Critical patent/CA2477026C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all of the certificates on those certificate servers. If all of the certificates on a certificate server cannot be successfully retrieved using a single search query, due to a search quota on the certificate server being exceeded for example, the search is re-performed through multiple queries, each corresponding to a narrower subsearch. The invention enables large amounts of certificates to be automatically searched for and retrieved from certificate servers, thereby minimizing the need for users to manually search for individual certificates.

Claims (13)

1. A method for searching and retrieving certificates comprising the steps of:
a) performing a search on each of one or more certificate servers for a plurality of certificates, wherein at least one query is submitted to the respective certificate server to request retrieval of the respective plurality of certificates;
b) for each certificate server that returns all of the respective plurality of certificates as a result of the search performed thereon, downloading the respective plurality of certificates to the computing device;
c) for each certificate server that does not return all of the respective plurality of certificates as a result of the search performed thereon, performing the substeps of i) dividing the respective search into a plurality of subsearches, ii) performing the subsearches recursively, wherein at least one query is submitted to the respective certificate server for each subsearch, wherein the respective certificate server returns at least a subset of the respective plurality of certificates as a collective result of the subsearches of the respective search, and iii) downloading the at least a subset of the respective plurality of certificates to the computing device; and d) storing at least a subset of certificates downloaded to the computing device in one or more certificate stores.
2. The method of claim 1, wherein the steps are performed by a certificate synchronization application executing and residing on the computing device upon initiation of the search by a user.
3. The method of claim 1, wherein the substeps of step d) are performed for each certificate server that does not return all of the respective plurality of certificates due to a search quota on the respective certificate server being exceeded.
4. The method of claim 1, wherein the storing step comprises storing at least a subset of certificates downloaded to the computing device in a certificate store on the computing device.
5. The method of claim 1, wherein the storing step comprises storing at least a subset of certificates downloaded to the computing device in a certificate store on a mobile device, wherein the at least a subset of certificates is transmitted from the computing device to the mobile device.
6. The method of claim 1, further comprising the steps of: generating a list of certificates identifying one or more certificates downloaded to the computing device; displaying the list to a user; and receiving user selections of selected certificates identified in the list; wherein the at feast a subset of certificates stored at step e) comprises the selected certificates.
7. The method of claim 1, further comprising the step of filtering out duplicate downloaded certificates prior to step e).
8. The method of claim 1, wherein the one or more certificate servers comprises one or more LDAP servers.
9. The method of claim 1, wherein the dividing substep comprises dividing the respective search into subsearches, each subsearch for searching certificates issued to names beginning with one of a plurality of prefixes.
10. The method of claim 9, wherein each of the plurality of prefixes includes only alphabetic characters.
11. The method of claim 9, wherein each subsearch of the respective search corresponds to a letter of the alphabet.
12. A software application for execution on a computing device, the application comprising a plurality of instructions stored on a computer-readable medium, the instructions for a method of searching and retrieving certificates, the method comprising the steps of:
a) performing a search on each of one or more certificate servers for a plurality of certificates, wherein at least one query is submitted to the respective certificate server to request retrieval of the respective plurality of certificates;
b) for each certificate server that returns all of the respective plurality of certificates as a result of the search performed thereon, downloading the respective plurality of certificates to the computing device;
c) for each certificate server that does not return all of the respective plurality of certificates as a result of the search performed thereon, performing the substeps of i) dividing the respective search into a plurality of subsearches, ii) performing the subsearches recursively, wherein at least one query is submitted to the respective certificate server for each subsearch, wherein the respective certificate server returns at least a subset of the respective plurality of certificates as a collective result of the subsearches of the respective search, and iii) downloading the at least a subset of the respective plurality of certificates to the computing device; and d) storing at least a subset of certificates downloaded to the computing device in one or more certificate stores.
13. A system for searching and retrieving certificates comprising at least one computing device, wherein a certificate synchronization application executes and resides on a computing device of the at least one computing device, the certificate synchronization application programmed to:
a) perform a search on each of one or more certificate servers for a plurality of certificates, wherein at least one query is submitted to the respective certificate server to request retrieval of the respective plurality of certificates;
b) for each certificate server that returns all of the respective plurality of certificates as a result of the search performed thereon, download the respective plurality of certificates to a computing device of the at least one computing device;
c) for each certificate server that does not return all of the respective plurality of certificates as a result of the search performed thereon, perform the substeps of i) dividing the respective search into a plurality of subsearches, ii) performing the subsearches recursively, wherein at least one query is submitted to the respective certificate server for each subsearch, wherein the respective certificate server returns at least a subset of the respective plurality of certificates as a collective result of the subsearches of the respective search, and iii) downloading the at least a subset of the respective plurality of certificates to a computing device of the at least one computing device; and d) store at least a subset of the downloaded certificates in one or more certificate stores.
CA2477026A 2004-08-09 2004-08-09 System and method for enabling bulk retrieval of certificates Expired - Lifetime CA2477026C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA2477026A CA2477026C (en) 2004-08-09 2004-08-09 System and method for enabling bulk retrieval of certificates

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CA2477026A CA2477026C (en) 2004-08-09 2004-08-09 System and method for enabling bulk retrieval of certificates

Publications (2)

Publication Number Publication Date
CA2477026A1 true CA2477026A1 (en) 2006-02-09
CA2477026C CA2477026C (en) 2011-07-12

Family

ID=35851886

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2477026A Expired - Lifetime CA2477026C (en) 2004-08-09 2004-08-09 System and method for enabling bulk retrieval of certificates

Country Status (1)

Country Link
CA (1) CA2477026C (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8904170B2 (en) 2004-08-09 2014-12-02 Blackberry Limited System and method for enabling bulk retrieval of certificates

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8904170B2 (en) 2004-08-09 2014-12-02 Blackberry Limited System and method for enabling bulk retrieval of certificates

Also Published As

Publication number Publication date
CA2477026C (en) 2011-07-12

Similar Documents

Publication Publication Date Title
US8707313B1 (en) Scheduler for search engine crawler
US7716201B2 (en) Method and apparatus for reconstructing a search query
US10621241B2 (en) Scheduler for search engine crawler
US7779006B2 (en) Peer-to-peer file sharing
AU2016369586B2 (en) Method and device for correlating multiple tables in a database environment
CA2517209A1 (en) Providing certificate matching in a system and method for searching and retrieving certificates
US20220253491A1 (en) Information Recommendation Method and Apparatus, and Electronic Device
JP2002511169A (en) Database query system and method
CN110737663A (en) data storage method, device, equipment and storage medium
CN110941641B (en) Method for searching data across multiple databases
US20080281811A1 (en) Method of Obtaining a Representation of a Text
EP3098726A1 (en) Method for extracting useful content from setup files of mobile applications
US7467136B2 (en) System and method for persistent query information retrieval
CA2477026A1 (en) System and method for enabling bulk retrieval of certificates
JP2009259039A (en) Method for retrieving a plurality of databases and meta-search server
CN116644146A (en) Document searching method, device and system, electronic equipment and storage medium
WO2007120781A2 (en) Systems and methods for performing searches within vertical domains
JP4675986B2 (en) Information sharing apparatus and information sharing program
CN114116805A (en) Data query method and device and storage medium
CN113868533A (en) Application search method and device, electronic equipment and storage medium
CN106874400A (en) A kind of data processing method and server
JP5178813B2 (en) Search system and method
JP4119057B2 (en) Search system, search device, and recording medium recording program
JP2004110216A (en) Searching device and method
JP2000029892A (en) Recommendation system

Legal Events

Date Code Title Description
EEER Examination request