KR102025960B1 - Implicit SSL certificate management without server name indication (SNI) - Google Patents

Implicit SSL certificate management without server name indication (SNI)

Info

Publication number
KR102025960B1
Authority
KR
South Korea
Prior art keywords
ssl certificate
ssl
hostname
name
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
KR1020147020979A
Other languages
English (en)
Korean (ko)
Other versions
KR20140117449A (ko)
Inventor
원석 유
억 김
제니 로랜스
디 마르코 아니엘로 스코토
야미니 자가디산
웨이드 힐모
Original Assignee
Microsoft Technology Licensing, LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing, LLC
Publication of KR20140117449A
Application granted
Publication of KR102025960B1
Expired - Fee Related (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/45 Network directories; Name-to-address mapping
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00 Indexing scheme associated with group H04L61/00
    • H04L2101/60 Types of network addresses
    • H04L2101/618 Details of network addresses
    • H04L2101/663 Transport layer addresses, e.g. aspects of transmission control protocol [TCP] or user datagram protocol [UDP] ports
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)
KR1020147020979A 2012-01-27 2013-01-21 Implicit SSL certificate management without server name indication (SNI) Expired - Fee Related KR102025960B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/359,507 US8738902B2 (en) 2012-01-27 2012-01-27 Implicit SSL certificate management without server name indication (SNI)
US13/359,507 2012-01-27
PCT/US2013/022352 WO2013112389A1 (en) 2012-01-27 2013-01-21 Implicit ssl certificate management without server name indication (sni)

Publications (2)

Publication Number Publication Date
KR20140117449A (ko) 2014-10-07
KR102025960B1 (ko) 2019-09-26

Family

ID=48871366

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020147020979A Expired - Fee Related KR102025960B1 (ko) 2012-01-27 2013-01-21 Implicit SSL certificate management without server name indication (SNI)

Country Status (6)

Country Link
US (1) US8738902B2
EP (1) EP2807789B1
JP (1) JP6058699B2
KR (1) KR102025960B1
CN (1) CN104094554B
WO (1) WO2013112389A1

Families Citing this family (56)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015469B2 (en) 2011-07-28 2015-04-21 Cloudflare, Inc. Supporting secure sessions in a cloud-based proxy service
WO2013123280A1 (en) * 2012-02-16 2013-08-22 F5 Network, Inc. Methods for secure communication between network device services and devices thereof
US9237168B2 (en) * 2012-05-17 2016-01-12 Cisco Technology, Inc. Transport layer security traffic control using service name identification
US8782774B1 (en) 2013-03-07 2014-07-15 Cloudflare, Inc. Secure session capability using public-key cryptography without access to the private key
EP4224342A1 (en) * 2013-03-15 2023-08-09 Netop Solutions A/S System and method for secure application communication between networked processors
US10524122B2 (en) 2014-01-31 2019-12-31 Microsoft Technology Licensing, Llc Tenant based signature validation
US9565198B2 (en) * 2014-01-31 2017-02-07 Microsoft Technology Licensing, Llc Tenant based signature validation
US10389709B2 (en) 2014-02-24 2019-08-20 Amazon Technologies, Inc. Securing client-specified credentials at cryptographically attested resources
US9332003B2 (en) * 2014-03-20 2016-05-03 Symantec Corporation Systems and methods for discovering website certificate information
US10178181B2 (en) * 2014-04-02 2019-01-08 Cisco Technology, Inc. Interposer with security assistant key escrow
US8966267B1 (en) 2014-04-08 2015-02-24 Cloudflare, Inc. Secure session capability using public-key cryptography without access to the private key
US8996873B1 (en) 2014-04-08 2015-03-31 Cloudflare, Inc. Secure session capability using public-key cryptography without access to the private key
US9184911B2 (en) * 2014-04-08 2015-11-10 Cloudflare, Inc. Secure session capability using public-key cryptography without access to the private key
CN103973694B (zh) * 2014-05-14 2017-05-10 北京太一星晨信息技术有限公司 Method and interface device for a secure sockets layer protocol entity to access non-contiguous memory
US10171532B2 (en) * 2014-09-30 2019-01-01 Citrix Systems, Inc. Methods and systems for detection and classification of multimedia content in secured transactions
US10303879B1 (en) 2014-11-06 2019-05-28 Amazon Technologies, Inc. Multi-tenant trusted platform modules
US9525672B2 (en) * 2014-12-19 2016-12-20 Amazon Technologies, Inc. Multi-faceted compute instance identity
CN105991589B (zh) * 2015-02-13 2019-04-26 华为技术有限公司 Method, apparatus and system for redirection
US9756106B2 (en) 2015-02-13 2017-09-05 Citrix Systems, Inc. Methods and systems for estimating quality of experience (QoE) parameters of secured transactions
US10021221B2 (en) 2015-02-24 2018-07-10 Citrix Systems, Inc. Methods and systems for detection and classification of multimedia content in secured transactions using pattern matching
US20160255047A1 (en) * 2015-02-26 2016-09-01 Citrix Systems, Inc. Methods and systems for determining domain names and organization names associated with participants involved in secured sessions
JP6471537B2 (ja) * 2015-02-27 2019-02-20 ブラザー工業株式会社 Communication device
US10193698B1 (en) 2015-06-26 2019-01-29 Juniper Networks, Inc. Avoiding interdicted certificate cache poisoning for secure sockets layer forward proxy
US10291651B1 (en) 2015-06-26 2019-05-14 Juniper Networks, Inc. Unified secure socket layer decryption
US9893883B1 (en) * 2015-06-26 2018-02-13 Juniper Networks, Inc. Decryption of secure sockets layer sessions having enabled perfect forward secrecy using a diffie-hellman key exchange
US10305871B2 (en) 2015-12-09 2019-05-28 Cloudflare, Inc. Dynamically serving digital certificates based on secure session properties
US10505985B1 (en) * 2016-04-13 2019-12-10 Palo Alto Networks, Inc. Hostname validation and policy evasion prevention
GB2551580A (en) * 2016-06-24 2017-12-27 Sony Corp Data communications
US10326730B2 (en) 2016-06-27 2019-06-18 Cisco Technology, Inc. Verification of server name in a proxy device for connection requests made using domain names
JP6668183B2 (ja) * 2016-07-01 2020-03-18 株式会社東芝 Communication device, communication method, communication system, and program
US10320572B2 (en) * 2016-08-04 2019-06-11 Microsoft Technology Licensing, Llc Scope-based certificate deployment
JP6589223B2 (ja) * 2016-08-31 2019-10-16 日本電信電話株式会社 Service estimation device, service estimation method, and program
US11063758B1 (en) 2016-11-01 2021-07-13 F5 Networks, Inc. Methods for facilitating cipher selection and devices thereof
CN110036605A (zh) 2016-11-30 2019-07-19 日本电气株式会社 Communication device, communication method, and program
US10545940B2 (en) * 2017-02-22 2020-01-28 Red Hat, Inc. Supporting secure layer extensions for communication protocols
CN107147497B (zh) * 2017-05-02 2018-07-06 北京海泰方圆科技股份有限公司 Information processing method and device
CN107493174B (zh) * 2017-09-05 2020-12-15 成都知道创宇信息技术有限公司 Method for intelligent binding and management of SSL certificates based on a CDN network
US11888840B2 (en) * 2017-11-09 2024-01-30 Mitsubishi Electric Corporation Apparatus and method for selection and transmission of server certificate
US10728238B2 (en) 2017-12-13 2020-07-28 Paypal, Inc. Systems and methods encrypting messages using multiple certificates
CN108156224B (zh) * 2017-12-14 2020-11-13 格尔软件股份有限公司 Method for implementing a custom proxy tunnel protocol based on the SNI mechanism of the TLS protocol
US10810279B2 (en) * 2018-02-07 2020-10-20 Akamai Technologies, Inc. Content delivery network (CDN) providing accelerated delivery of embedded resources from CDN and third party domains
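CN110825400B (zh) * 2018-08-14 2024-04-23 杭州萤石软件有限公司 Certificate update method and system for an application client
CN109413196A (zh) * 2018-11-13 2019-03-01 四川长虹电器股份有限公司 Method for intelligently matching HTTPS access certificates
CN110213249A (zh) * 2019-05-20 2019-09-06 网宿科技股份有限公司 Request-granularity-based dynamic certificate loading method, device, and server
CN111147251A (zh) * 2019-12-18 2020-05-12 深圳市任子行科技开发有限公司 Method and device for dynamically issuing certificates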
US10903990B1 (en) 2020-03-11 2021-01-26 Cloudflare, Inc. Establishing a cryptographic tunnel between a first tunnel endpoint and a second tunnel endpoint where a private key used during the tunnel establishment is remotely located from the second tunnel endpoint
US11336692B1 (en) * 2020-05-07 2022-05-17 NortonLifeLock Inc. Employing SNI hostname extraction to populate a reverse DNS listing to protect against potentially malicious domains
US11683301B2 (en) 2020-07-27 2023-06-20 Red Hat, Inc. Automatically obtaining a signed digital certificate from a trusted certificate authority
WO2022118082A1 (en) * 2020-12-03 2022-06-09 Bharanishunkkar Shanmugavel System and method for securing and resolving internet protocol address
EP4009602B1 (en) * 2020-12-07 2022-11-09 Siemens Healthcare GmbH Providing a first digital certificate and a dns response
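CN112714184B (zh) * 2020-12-29 2022-07-15 杭州迪普科技股份有限公司 Handshake process handling method and device
CN113364795B (zh) * 2021-06-18 2023-03-24 北京天空卫士网络安全技术有限公司 Data transmission method and proxy server
CN113746856B (zh) * 2021-09-09 2023-04-07 上海格尔安全科技有限公司 SSL optional verification method, device, computer equipment, and storage medium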
US20230328103A1 (en) * 2022-04-07 2023-10-12 Citrix Systems, Inc. Systems and methods for updating microservices secure sockets layer certificate
US12413423B2 (en) * 2023-09-22 2025-09-09 International Business Machines Corporation Localhost digital certificate discovery and reconciliation
CN119519986B (zh) * 2024-11-20 2025-10-14 天翼云科技有限公司 Digital certificate processing method, device, computer equipment, and readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7000108B1 (en) 2000-05-02 2006-02-14 International Business Machines Corporation System, apparatus and method for presentation and manipulation of personal information syntax objects
US20070177731A1 (en) 2003-06-25 2007-08-02 Terence Spies Identity-based-encryption messaging system with public parameter host servers
US20080263215A1 (en) 2007-04-23 2008-10-23 Schnellbaecher Jan F Transparent secure socket layer
US20100057837A1 (en) 2008-09-03 2010-03-04 Microsoft Corporation Shared hosting using host name affinity

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7209479B2 (en) 2001-01-18 2007-04-24 Science Application International Corp. Third party VPN certification
JP3724564B2 (ja) * 2001-05-30 2005-12-07 日本電気株式会社 Authentication system, authentication method, and authentication program
US7363353B2 (en) * 2001-07-06 2008-04-22 Juniper Networks, Inc. Content service aggregation device for a data center
US7305492B2 (en) * 2001-07-06 2007-12-04 Juniper Networks, Inc. Content service aggregation system
JP2003271553A (ja) * 2002-03-18 2003-09-26 Matsushita Electric Ind Co Ltd Web server terminal, its network system, and its access control method
US7739494B1 (en) 2003-04-25 2010-06-15 Symantec Corporation SSL validation and stripping using trustworthiness factors
WO2005033868A2 (en) 2003-09-29 2005-04-14 Ayman, Llc Delegated certificate authority
US7694135B2 (en) * 2004-07-16 2010-04-06 Geotrust, Inc. Security systems and services to provide identity and uniform resource identifier verification
US7512974B2 (en) * 2004-09-30 2009-03-31 International Business Machines Corporation Computer system and program to update SSL certificates
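JP2009217676A (ja) * 2008-03-12 2009-09-24 Oki Electric Ind Co Ltd Device for accepting applications for insurance money and the like, method for accepting such applications, and program
JP4252620B1 (ja) 2008-08-27 2009-04-08 グローバルサイン株式会社 Server certificate issuing system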
US8971539B2 (en) * 2010-12-30 2015-03-03 Verisign, Inc. Management of SSL certificate escrow
US9015469B2 (en) * 2011-07-28 2015-04-21 Cloudflare, Inc. Supporting secure sessions in a cloud-based proxy service

Also Published As

Publication number Publication date
EP2807789B1 (en) 2019-02-27
CN104094554A (zh) 2014-10-08
WO2013112389A1 (en) 2013-08-01
EP2807789A1 (en) 2014-12-03
JP6058699B2 (ja) 2017-01-11
US8738902B2 (en) 2014-05-27
EP2807789A4 (en) 2015-12-30
KR20140117449A (ko) 2014-10-07
US20130198511A1 (en) 2013-08-01
CN104094554B (zh) 2017-05-03
JP2015513810A (ja) 2015-05-14

Similar Documents

Publication Publication Date Title
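KR102025960B1 (ko) Implicit SSL certificate management without server name indication (SNI)
CN102427484B (zh) Method and apparatus for determining, based on DNS, whether a device is inside a network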
US10033818B2 (en) Using listen ranges to deliver content to electronic devices from local caching servers
US9231904B2 (en) Deploying and managing networked devices
EP2933986B1 (en) Computer-implemented method and computer program product for processing named entity queries using a cached functionality in a domain name system
US8572691B2 (en) Selecting a web service from a service registry based on audit and compliance qualities
US9413750B2 (en) Facilitating single sign-on (SSO) across multiple browser instance
US7228359B1 (en) Methods and apparatus for providing domain name service based on a client identifier
CN103563295B (zh) Method and system for distributing information about one or more electrical devices
KR20140138182A (ko) Identity service for organizations transparently hosted in the cloud
US10382593B2 (en) IPv4/IPv6 bridge
US11620354B2 (en) System and method for protected proxy design for dynamic API scanning service
JP2012235464A (ja) DNSSEC signing server
US9544190B2 (en) Application configuration using DNS-based service discovery
WO2013008352A1 (ja) Authentication system and authentication method
US20090100500A1 (en) Scalable distributed web-based authentication
US12381847B2 (en) Secure networking engine for a secure networking system
WO2014197128A1 (en) Methods and systems for single sign-on while protecting user privacy
CN117640765A (zh) Cloud environment service access method and system
US11438393B1 (en) Origin server address rotation
US8854650B2 (en) Network printing system executing printing by comparing certification information in a database
EP2805447A1 (en) Integrating server applications with multiple authentication providers
US20130111004A1 (en) File manager having an HTTP-based user interface
Boyce Linux networking cookbook
Bialaski et al. Solaris and LDAP naming services: deploying LDAP in the Enterprise

Legal Events

Date Code Title Description
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

N231 Notification of change of applicant
PN2301 Change of applicant

St.27 status event code: A-3-3-R10-R13-asn-PN2301

St.27 status event code: A-3-3-R10-R11-asn-PN2301

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

D13-X000 Search requested

St.27 status event code: A-1-2-D10-D13-srh-X000

D14-X000 Search report completed

St.27 status event code: A-1-2-D10-D14-srh-X000

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5

PC1903 Unpaid annual fee

St.27 status event code: A-4-4-U10-U13-oth-PC1903

Not in force date: 20240921

Payment event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

PC1903 Unpaid annual fee

St.27 status event code: N-4-6-H10-H13-oth-PC1903

Ip right cessation event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

Not in force date: 20240921