1. Field of the Invention
This invention relates generally to computer networks, and more particularly provides a system and method for installing a temporary certificate at a remote site.
2. Description of the Background Art
The Internet has become one of the most popular tools used by businesses and individuals for obtaining services and needed information. When a web client, e.g., a user operating a network browser, communicates via the Internet with a web server (i.e., a web site), the web server recognizes the web client based on information received in a certificate that was installed on the web client and that was downloaded to the web server. The conventional certificate identifies the user, provides information needed to establish secure network communications between the client and the server, and includes a signature from a certifying authority such as VeriSign, Inc. of Mountain View, Calif. that provides certificate integrity, authenticity and origin.
More particularly, a user typically requests a certificate from a certifying authority, i.e., a third party mutually trusted by the user and the web server. The user operates pre-installed software for generating a public/private key pair, and sends a certificate request including the public key to the certifying authority. The certifying authority verifies the identity and any other information needed about the user, packages the user's name, the public key, a validity period and an assigned serial number together, and digitally signs the package, thereby creating a signed certificate. The certifying authority then sends the signed certificate to the user, who installs the signed certificate and the private key associated with the packaged public key in one or more web clients.
For completeness, a brief review of public/private key cryptography is provided. Mathematically, a public and private key pair are generated to encrypt and decrypt messages. That is, either key can be used to encrypt a message, but only the other key of the key pair can be used to decrypt the message. The owner keeps the private key private, but allows everyone to know the public key. Accordingly, anyone can encrypt a message using the public key, but only the owner can decrypt the message, because the owner is the only one who knows the private key. Similarly, the owner can encrypt a message using the private key, and thus everyone can use the public key to decrypt the message. A user that uses a public key to decrypt an encrypted message can be sure that the message was encrypted by someone who has the corresponding private key. So long as the private key is kept private, the user can be assured that the owner of the private key sent the message. If both parties to a communication have public/private key pairs, then each party can communicate privately with the other by encrypting messages with the recipient's public key.
However, how can the sender be confident that they are using the correct public key for the recipient? Exchanging keys personally may be too inconvenient. Instead, both parties present their public keys, other identifying information and proof of their identity to a mutually trusted certificate authority. The certificate authority verifies the user's identity and issues a public key certificate containing the user's public key and distinguished name. If both parties wish to communicate privately via web clients, then they may install their private keys and public key certificates in their respective web clients. The certificate authority may also issue certificates to identify web servers, showing that a given server name such as "www.briefcase.com" was issued to Visto Corporation of Mountain View, Calif.
When a web client connects to a web server, the web client and web server identify and authenticate each other and negotiate a secure communications channel. For identification, both parties exchange public key certificates. Accordingly, each party uses the public key of the certificate authority to verify the signature of the other party's certificate. As stated above, the public key certificate binds a public key to a subject name (i.e., distinguished name) such as the client's name or server's name. The parties recognize each other by the subject name included in the certificate. To authenticate this identity, each party proves to the other that they possess the private key associated with the public key included in the certificate. One method of authenticating, employed by Secure Sockets Layer (SSL) technology, includes the steps of choosing a random number and encrypting it using the other party's public key. The encrypted number is sent to the other party who decrypts it and returns the decrypted value, thereby proving that they possess the private key.
After authenticating each other's identity, both parties exchange one or more symmetric keys used to encrypt the bulk of their communications. "The SSL Protocol, Version 3.0" by Netscape Communications Corporation., attached hereto and incorporated herein, describe additional details of a session-oriented protocol, such as how parties agree upon cryptographic algorithm and what key length to use. S/MIME by RSA Data Security and PEM encryption techniques illustrate example systems for sending individual messages encrypted under symmetric keys communicated with public key encryption and public key certificates.
Conventional certificates do not solve all problems and concerns for the roaming user. For example, transporting a private key to and installing the private key at every temporary terminal used by the roaming user is unsafe because the private key may be stolen or hacked from the temporary terminal. Still further, sending an owner's private key over the Internet or reading it from a floppy disk or other storage media also pose substantial security risks. SmartCards such as those made Litronic Inc. can be used to transport private keys safely but are not widely deployed and are subject to physical loss. Further, SmartCard readers are not available at most kiosks.
Therefore, a system and method for facilitating the use of public key certificates by the roaming user are needed.