Field of the Invention
The present invention relates to an authentication system, an image forming apparatus, a method of controlling the same, and a storage medium.
Description of the Related Art
Spoofing of a communication destination is prevented by confirming the validity of the public key certificate of the communication destination when an image forming apparatus performs encrypted communication such as SSL/TLS with an external IT device. A standard specification relating to the issuance of public key certificates and the confirmation of their validity is defined in RFC 5280 (Internet X.509 Public Key Infrastructure Certificate and CRL Profile) and the like.
In a case when an erroneous issuance or a change in the content recited in a certificate arises, the public key certificate is revoked by the certificate authority that issued it. For this reason, in order to confirm the validity of a public key certificate, it is necessary to confirm that the certificate has not been revoked. One method uses a public key certificate revocation list (hereinafter, CRL) issued by the certificate authority for the revocation confirmation of the certificate. Such a CRL recites the serial numbers of the revoked certificates and the validity period of the CRL itself, and is issued regularly with the signature of the certificate authority attached thereto.
When a conventional image forming apparatus verifies the validity of a public key certificate, if the serial number of the public key certificate of the communication destination is recited in the CRL, the certificate is determined to be revoked; if it is not recited in the CRL, the certificate is determined to be valid.
However, because the size of the CRL becomes large when the number of revoked certificates becomes large, there is a problem in that much time is required for the image forming apparatus to obtain the CRL, so the time required for verification of the validity of the certificate increases and the start of encrypted communication with the communication destination is delayed. For this reason, verifying the certificate by using a CRL obtained in advance, rather than obtaining a CRL for every verification of a certificate, can be considered. In such a case, however, there is a possibility that an already revoked certificate will be erroneously determined to be valid because the contents of the CRL obtained in advance are not the most recent.
To handle this, there is a method of using OCSP (Online Certificate Status Protocol) to query online whether or not a public key certificate is revoked and obtain a reply. In OCSP, a verification server regularly obtains the CRL in advance, confirms whether a certificate about which a query is received is recited in the CRL, and replies with only the verification result. By this, the apparatus that makes the query can shorten the time required for verification of the validity of the certificate as compared to when it obtains the CRL itself, because it obtains only the verification result. In this way, there are various methods of verifying a certificate; for example, a method for selecting an optimal certificate verification method in accordance with an environment parameter such as the communication rate of a network is recited in Japanese Patent Laid-Open No. 2008-244914.
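As an added illustration (not part of the patent text), the CRL-based check described above, written in Go with only the standard library: the certificate authority's signature on the CRL and the CRL's own validity period are verified before the serial number lookup, so a CRL obtained in advance is rejected once its validity period has passed rather than silently treating a revoked certificate as valid. The CA name, serial numbers and times are constructed test values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// CheckAgainstCRL returns "revoked", "good" or "crl-untrusted". It verifies the CA
// signature on the CRL and rejects a CRL whose validity period does not cover now
// (a stale CRL may be missing recent revocations), then looks up the serial number.
func CheckAgainstCRL(crlDER []byte, ca *x509.Certificate, serial *big.Int, now time.Time) string {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil || crl.CheckSignatureFrom(ca) != nil {
		return "crl-untrusted"
	}
	if now.Before(crl.ThisUpdate) || now.After(crl.NextUpdate) {
		return "crl-untrusted"
	}
	for _, rc := range crl.RevokedCertificates { // serial numbers recited in the CRL
		if rc.SerialNumber.Cmp(serial) == 0 {
			return "revoked"
		}
	}
	return "good"
}

// MakeFixture builds a throwaway CA and a CRL it signs that revokes serial 1234 and is
// valid for one hour from now (constructed test data, not a real PKI).
func MakeFixture(now time.Time) (*x509.Certificate, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Test MFP CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour), IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign} // CRLSign is required to sign a CRL
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	ca, _ := x509.ParseCertificate(der) // DER produced just above; parsing cannot fail
	crl := &x509.RevocationList{Number: big.NewInt(7), ThisUpdate: now.Add(-time.Minute), NextUpdate: now.Add(time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: big.NewInt(1234), RevocationTime: now}}}
	crlDER, err := x509.CreateRevocationList(rand.Reader, crl, ca, key)
	return ca, crlDER, err
}
```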
However, several problems exist in the technique recited in the aforementioned Japanese Patent Laid-Open No. 2008-244914 when the verification of a public key certificate is performed in the image forming apparatus rather than in a system that specializes in verifying certificates.
Firstly, in order to dynamically determine the method of verifying a certificate, it is necessary to constantly measure an environment parameter such as the communication rate of the network, and to perform a calculation for determining the optimal verification method each time. There is thus a problem in that the processing load on the image forming apparatus becomes large.
Also, although the certificate is verified by a dynamically determined method of verification, each of the respective verification methods has a problem, as described below. Regarding the CRL, as mentioned previously, the time required to obtain it increases when the size of the CRL becomes large. Also, there is a possibility that an already revoked certificate will be erroneously determined to be valid in a case where a CRL obtained in advance is used and its contents are not the most recent. Regarding OCSP, while it has the advantage that the validity of the certificate can be reliably confirmed, there is the problem that the processing load on the image forming apparatus becomes large because a query to the verification server via the network always occurs.