Security issues are well-known with regard to the use of any network of computing or telecommunication devices. For such networks, including the Internet, authentication of a user is important, especially for establishing a secure connection between a user and a third party, the latter typically being a server. As is known in the art and as described in a publication entitled “Introduction to Public-Key Cryptograph” (last updated Oct. 9, 1998) available on the Internet at http://developer.netscape.com/docs/manual/security/pkin/contents.htm, public key cryptography can be used to establish a secure communication between a user and a third party, using various protocols, such as the Transport Layer Security (TLS) protocol, IP Security Protocol (IPSEC) or the Security Sockets Layer (SSL) protocol. As explained in a publication entitled “Introduction to SSL” (last updated Oct. 9, 1998) and available on the Internet at http://developer.netscape.com/docs/manual/security/sslin/contents.htm, a Secure Socket Layer comprises a handshake procedure that uses public-key encryption to establish the generation of a private symmetric key for two parties. This private symmetric key is then used for the remainder of the SSL session. In this protocol, as well as in other situations, e.g. email and the like, it may be required depending upon the needs of the third party, for the user to authenticate itself. Such authentication can be performed by use of a certificate which is an electronic document used to identify an individual, server, company or other entity so as to associate that identity with a public key. A Certification Authority issues a private-public key pair to a user based upon the published policies of the CA and upon generation of the private-public key pair, the public key is available for anyone's use and the private key is known only to the user for purposes of decryption and sometimes, encryption as explained more fully below.
For purposes of establishing a Secure Socket Layer which uses a symmetric key for both encryption and decryption, it is necessary that the private key be known only to the user and third party wanting to communicate to each other securely and not to anyone else. In order to establish the secret symmetric key for use in an SSL session, it is necessary that the two parties communicate to each other securely such as through use of a private-public key and it is generally further necessary for at least one, and sometimes both parties, to authenticate their identity to the other party. A method of authenticating a user is for that user to use its private key of a private-public key pair to encrypt a message which is then received by the other user and decrypted by the other user with the corresponding public key of the first user. Since the decryption is only possible if the public key is the same public key as in the private-public key pair issued by the Certification Authority for the first user, decryption of a message encrypted with the private key of the first user provides a means for authenticating the identity of that user by the other user (third party). The identity is ultimately established by the certificate issued by the CA and thus the third party trusts the identity of the first user based upon the certificate which identifies the first user.
Because the certificate issued by the Certification Authority binds a particular public key to the name of the user (entity) that the certificate identifies, it would normally be inappropriate for that user to be allowed to generate its own certificate for further identification of itself. Indeed, the public key infrastructure (PKI) which uses Certification Authorities to generate certificates, specifically prohibits a user having such a certificate from generating additional certificates for use to identify itself. The reason for this prohibition is to prevent a holder of a certificate from changing its identity through creation of additional certificates based upon an issued certificate from the Certification Authority.
A problem exists when a user in a first system has an authenticated identity via a certificate issued from a Certification Authority and wishes to use that authenticated identity to authenticate itself when using a network of another system. The typical situation is when a user of a computer connected to the Internet wants to establish its identity but does not have a certificate issued by a Certification Authority associated with the Internet, but rather has a certificate associated with a wireless device that the user possesses. It would be desirable for that certificate to be allowed as a means for identifying that user for use on the Internet (the second system) but to do so, would normally require issuance of a certificate by the user which is prohibited in PKI systems. In the past therefore, the Certification Authority which issued the certificate for use in the wireless system (first system) would have to provide an additional certificate for that user for use in identification over the Internet (the second system). The use of a user generated key and certificate as a means for authentification on the Internet (second system) by the user having an authenticated identity on another system such as the wireless infrastructure (first system) has therefore not heretofore been implemented.