Digital certificates are well known. Descriptions of digital certificates and their use are available from many sources, including <http://www.webopedia.com/TERM/d/digital_certificate.html> and <http://wp.netscape.com/security/techbriefs/servercerts/index.html> (including related linked pages), which are incorporated by reference herein. In brief, a digital certificate from a Certification Authority (CA) contains, in encrypted form, a public encryption key and other identifying information about the certificate holder. The certificate is attached to communications from the certificate holder, and can only be decrypted (at least without very substantial efforts) by using a public key from the Certificate Authority. When received and decrypted (using the CA public key), the certificate holder's public key can be used to create a Secure Socket Layer (SSL) connection with the certificate holder for secure communication. Digital Certificates can be used for, e.g., authentication of individuals, of particular user devices, of servers, and of numerous other devices.
There remains, however, a need for scalable systems and methods for obtaining secure access to corporate intranets and other resources via the Internet and other publicly accessible networks. The need is especially acute in the case mobile devices such as mobile telephones, personal digital assistants (PDA), mobile terminals and other devices able to access the Internet. Ease of deployment is often critical in such devices, as there may be numerous devices in use. Moreover, such devices typically have limited capabilities compared to personal computers (PCs) or laptop computers.
It has been found that when no user action is required to initiate a SSL or other secure session, a user often gives little thought to a digital certificate. For example, an end-user should verify that a digital certificate for a server is valid and/or held by the entity with which the user wishes to communicate. A common manner of obtaining verification from the user is showing the name of the certificate holder and asking the user to accept or not accept the certificate. Many users always accept without any real consideration. Accordingly, there remains a need for more secure methods and systems for initiating secure communication.