1. Field of the Invention
The present invention relates to information processing, and in particular to verification of a certificate such as a CA (Certificate Authority) certificate.
2. Description of the Related Art
Japanese Patent Laid-Open No. 2001-211306 describes a technology for distributing confidential images to particular users on a LAN while still maintaining confidentiality by encrypting confidential images received from a public network and saving them in a server computer on the LAN, thereby preventing users other than particular clients from easily accessing the confidential images. If the public key is within the validity period, the received image data is encrypted with the public key, and is transferred by electronic mail having the encrypted confidential image attached. If the public key expires, the received image data is stored in a memory box and an electronic mail describing in the body-text data a message indicating that a confidential image is stored in the memory box is transmitted. Then, transfer of the confidential image is suspended until the public key is updated or the expiration date of the public key is extended.
An information processing apparatus incorporates CA (Certificate Authority) certificates of connected parties, and verifies the identities of the connected parties by the use of the certificates. A server apparatus that provides Web services distributes a CA certificate pre-authenticated by a CA to client apparatuses to prove its identity as a service provider. A client apparatus can confirm that the server apparatus is a service provider certified by a CA only within the validity period of this CA certificate. In order for a client apparatus to use services by a server apparatus continuously, updating or renewal of the CA certificate is required when the CA certificate becomes invalid because of, for example, expiration. In the known client apparatus, if the public key expires, services based on the public key are cancelled and renewal of the public key is awaited. In the same manner, when the CA certificate becomes invalid, measures are required, such as forcible interruption of the use of Web services, manual renewal of the CA certificate by the administrator, or manual renewal of applications, including the CA certificate, by the administrator.
If the administrator of the client apparatus cannot update the CA certificate for some reason, the Web service provider is required to learn the status of the CA certificate in the client apparatus and update the CA certificate in place of the administrator.