CPC H04L 9/3263 (2013.01) [H04L 9/0825 (2013.01); H04L 9/3247 (2013.01)]
15 Claims

1. A method, comprising:
sending, by a relying party computing system to a subscriber computing system, an Object Identifier (OID) of a relying party associated with the relying party computing system;
receiving, by the relying party computing system from the subscriber computing system, a certificate of a subscriber associated with the subscriber computing system, the certificate comprises a public key of the subscriber;
determining, by the relying party computing system, whether the certificate comprises the OID of the relying party; and
in response to determining that the certificate comprises the OID of the relying party, using by the relying party computing system the public key in the certificate of the subscriber, wherein the certificate comprises an extension having:
the OID of the relying party;
an extension identifier identifying that the certificate contains the OID of the relying party; and
a critical flag, wherein the critical flag being set to critical indicates rejection of the certificate in response to determining that the extension identifier is not recognized, and the critical flag being set to non-critical indicates ignoring the extension in response to determining that the extension identifier is not recognized.
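The relying-party check and critical-flag handling recited in claim 1, as an added example that is not taken from the patent. It walks the DER body of an X.509 Extensions list only (no signature or path validation); the two OIDs and the layout of the extension value (one DER-encoded OID inside extnValue) are assumptions, since the claim gives no concrete identifiers or encoding.

```python
# Hypothetical OIDs for illustration; the claim names no concrete values.
RP_EXT_ID = "1.3.6.1.4.1.99999.1"   # assumed extension identifier
RP_OID = "1.3.6.1.4.1.99999.2.7"    # assumed OID of this relying party

def enc(tag, body):  # DER TLV, short-form length only (enough for this sample)
    return bytes([tag, len(body)]) + body

def enc_oid(dotted):
    a = [int(x) for x in dotted.split(".")]
    out = b""
    for arc in [a[0] * 40 + a[1]] + a[2:]:
        grp = [arc & 0x7F]                   # base-128, low group first
        while arc := arc >> 7:
            grp.append((arc & 0x7F) | 0x80)  # continuation bit on higher groups
        out += bytes(reversed(grp))
    return enc(0x06, out)

def tlvs(buf):
    """Yield (tag, value) for each short-form DER TLV in buf."""
    pos = 0
    while pos < len(buf):
        n = buf[pos + 1] if pos + 1 < len(buf) else 0x80
        if n & 0x80 or pos + 2 + n > len(buf):
            raise ValueError("unsupported or truncated DER")
        yield buf[pos], buf[pos + 2:pos + 2 + n]
        pos += 2 + n

def extension(ext_id, critical, value):
    # Extension ::= SEQUENCE { extnID, critical DEFAULT FALSE, extnValue }
    flag = enc(0x01, b"\xff") if critical else b""
    return enc(0x30, enc_oid(ext_id) + flag + enc(0x04, value))

def decide(exts_der, my_oid, recognized):
    """Relying-party check over the body of a DER Extensions list."""
    known = {enc_oid(r) for r in recognized}   # DER OIDs are canonical
    for _, ext in tlvs(exts_der):
        fields = list(tlvs(ext))
        ext_id = enc(0x06, fields[0][1])
        critical = fields[1] == (0x01, b"\xff")
        if ext_id not in known:
            if critical:
                return "reject"    # unrecognized critical extension
            continue               # unrecognized non-critical: ignore
        if ext_id == enc_oid(RP_EXT_ID):
            # Assumed layout: extnValue wraps exactly one DER OID.
            return "use-key" if fields[-1][1] == enc_oid(my_oid) else "no-match"
    return "no-match"              # no binding to this relying party found
```

Passing an empty `recognized` set models a verifier that does not know the extension identifier: the same certificate is rejected when the flag is critical and processed without the binding check when it is not.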