A common technique for enabling secure communications over the Internet is to establish a secure communication link using the secure socket layer (SSL) protocol. The SSL protocol is an integral part of most web browsers and web servers, and uses a public key-private key pair encryption system for authentication. The SSL protocol requires that a web server be authenticated to a web browser. SSL connections between web browsers and web servers involve sending content encrypted using a symmetric session key, where both the web browser and the web server use the same session key to encrypt and decrypt content. A common example involving secure communications is on-line shopping, where a web browser will encrypt data including a shopper's credit card information before sending the data to the on-line store's web server.
To establish an SSL connection between two Internet devices, one device may request an SSL certificate, typically an X.509 digital certificate, from the other device during a process known as an SSL “handshake.” A server device typically must present its certificate during the SSL handshake but a client device only presents its certificate upon request from a server device. The SSL certificate typically includes an identifier of the device, a public key, and a certificate authority signature. The certificate authority signature is generally issued by an independent and trusted third-party certificate authority to ensure the validity of the certificate; however, some certificate authority signatures are self-issued by an entity operating an Internet device. The certificate authority signature provides assurance to the device wishing to send encrypted data that the destination device can be trusted with the data. The device that will be sending encrypted data will use the public key from the SSL certificate of the intended destination to authenticate the destination. Authentication is a process by which the intended destination proves that it is indeed the device it is representing itself to be and that it can be trusted with the data. After authentication, a symmetric session key is established during the SSL handshake such that the device that will be sending the encrypted data will encrypt the data using the session key and the destination will decrypt the data using the same session key.
Authenticating a destination device to receive encrypted data becomes a problem when the path between the devices includes a proxy or other intermediate device. For example, a web browser may be communicating with a web server through a proxy for that web server. Typically, the web browser establishes a TCP connection with the proxy and the proxy establishes a separate TCP connection with the web server. If the web browser will be sending encrypted data to the web server, the proxy for the web server must send an SSL certificate to the web browser during an SSL handshake. The proxy's SSL certificate is typically the same as the web server's SSL certificate. The web browser then can authenticate the proxy and establish an SSL connection with the proxy. The proxy must have the private key that matches the public key in the SSL certificate of the web server, and the proxy typically does have this private key.
In some instances, the web browser needs to be authenticated to the web server. During an SSL handshake between the web browser and the proxy, the proxy requests the web browser's SSL certificate and the web browser sends its SSL certificate to the proxy. The proxy then forwards the web browser's SSL certificate to the web server to authenticate itself during an SSL handshake between the proxy and the web server. However, since the proxy does not posses the web browser's private key (the web browser's SSL certificate only includes the public key), it cannot authenticate the web browser to the web server, i.e., the authentication process fails. Thus, there is a need for authenticating one Internet device to another Internet device when one Internet device will be sending encrypted content through an intermediate device that does not posses the private key of the intended destination of the encrypted content.