CONNOTECH Experts-conseils, inc. Patent applications |
Patent application number | Title | Published |
20090210696 | Method of bootstrapping an authenticated data session configuration - An inventive method is disclosed for bootstrapping a trusted client public key at the server side in a client-server model of e-commerce or distributed computer applications. Generally, the invention integrates security technique elements and user procedural elements in such a way that no vulnerability arises due to the decoupling of elements. It is thus aimed at high security application areas. The readily available support of X.509 client security certificates in web browsers is advantageous for easy deployment at the client side. However, serious usability flaws deter the use of client certificates despite their potential for high security client authentication. The invention circumvents this contradiction at the client registration phase, and extends the benefits of simplified reliance on client public-private key pair to production use of the circumvention. Many variations of the inventive idea are disclosed, including the use of a dummy client security certificate that addresses the interoperability pitfalls of the X.509 technology while the trust in the client public key rests on other elements of the inventive method. | 08-20-2009 |
20080260160 | Opt-in process and nameserver system for IETF DNSSEC - The process of signing and then publishing a DNS zone according to the IETF DNSSEC protocols is improved by the present invention, in order to facilitate the DNSSEC deployment until most of the DNS zones are signed. The prior art situation is that a second-level domain, e.g. example.com, often faces an unwanted status of “DNSSEC island of security,” and a challenging task of “trust anchor key” out-of-band distribution. The invention somehow fixes such broken DNSSEC chains of trust, e.g. it fills the gap between a DNSSEC island of security and its signed grandparent or ancestor. The invention is deemed useful for the introduction of DNS root nameservice substitution for DNSSEC support purposes, and allows opt-in while NSEC | 10-23-2008 |