Determining CRL size in view of system capability
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
H04L-009/32
H04L-029/08
출원번호
US-0713706
(2010-02-26)
등록번호
US-9172543
(2015-10-27)
발명자
/ 주소
Wnuk, Andrew
출원인 / 주소
Red Hat, Inc.
대리인 / 주소
Lowenstein Sandler LLP
인용정보
피인용 횟수 :
1인용 특허 :
0
초록▼
A certificate revocation list (CRL) deployment system loads a portion of test data that represents revoked certificates into a cache at periodic intervals and generates a CRL for a corresponding periodic interval using the test data that is loaded in the cache at that corresponding periodic interval
A certificate revocation list (CRL) deployment system loads a portion of test data that represents revoked certificates into a cache at periodic intervals and generates a CRL for a corresponding periodic interval using the test data that is loaded in the cache at that corresponding periodic interval. The CRL deployment system determines a CRL size that the server computing system is capable to support using the generated CRLs and notifies a user of the CRL size that the server computing system is capable to support.
대표청구항▼
1. A method comprising: emulating certificate revocation list (CRL) generation by generating, at periodic intervals, a plurality of CRLs in view of test data;terminating, by a processing device, the generation of the plurality of CRLs in response to evaluating a defined test completion condition;det
1. A method comprising: emulating certificate revocation list (CRL) generation by generating, at periodic intervals, a plurality of CRLs in view of test data;terminating, by a processing device, the generation of the plurality of CRLs in response to evaluating a defined test completion condition;determining a cumulative number of revoked certificates in view of the plurality of CRLs generated by the processing device; anddetermining, in view of a defined ratio of a CRL size and a number of issued certificates, a number of certificates that may be issued by a certificate server. 2. The method of claim 1, wherein the terminating comprises receiving an error message associated with the generating. 3. The method of claim 1, wherein generating the plurality of CRLs comprises: generating a CRL comprising a record of the revoked certificates since a first periodic interval. 4. The method of claim 3, wherein determining the cumulative number of revoked certificates comprises: determining a number of revoked certificates listed in the CRL. 5. The method of claim 1, wherein generating the plurality of CRLs comprises: generating a delta CRL for a periodic interval, the delta CRL comprising a record of the revoked certificates since a preceding periodic interval. 6. The method of claim 5, wherein determining the cumulative number of revoked certificates comprises: determining a number of the revoked certificates using the delta CRL. 7. The method of claim 1, wherein the processing device executes a certificate authority server. 8. The method of claim 1, wherein the test data comprises at least one of a serial number, a revocation date, a description of a reason for revoking the certificate, or an invalidity period. 9. The method of claim 1, wherein sending the notification comprises: displaying the cumulative number of revoked certificates via a user interface. 10. The method of claim 1 further comprising: receiving test parameters; andloading the test data based on the test parameters. 11. A system comprising: a memory; anda processing device operatively coupled to the memory, the processing device to: emulate certificate revocation list (CRL) generation by generating, at periodic intervals, a plurality of CRLs in view of test data;terminate the generation of the plurality of CRLs in response to evaluating a defined test completion condition;determine a cumulative number of revoked certificates in view of the plurality of CRLs generated by the processing device; anddetermine, in view of a defined ratio of a CRL size and a number of issued certificates, a number of certificates that may be issued by a certificate server. 12. The system of claim 11, wherein the test data comprises at least one of a serial number, a revocation date, a description of a reason for revoking the certificate, or an invalidity period. 13. The system of claim 11, wherein to send the notification, the processing device is to: display the cumulative number of revoked certificates via a user interface. 14. The system of claim 11, wherein the processing device is to terminate the generation of the plurality of CRLs responsive to receiving an error message associated with the generating. 15. A non-transitory computer-readable storage medium including instructions to cause a processing device to: emulate certificate revocation list (CRL) generation by generating, at periodic intervals, a plurality of CRLs in view of test data;terminate the generation of the plurality of CRLs in response to evaluating a defined test completion condition;determine a cumulative number of revoked certificates in view of the plurality of CRLs generated by the processing device; anddetermine, by the processing device, in view of a defined ratio of a CRL size and a number of issued certificates, a number of certificates that may be issued by a certificate server. 16. The non-transitory computer-readable storage medium of claim 15, wherein to terminate the generation, the processing device is to receive an error message associated with the generating. 17. The non-transitory computer-readable storage medium of claim 15, wherein to generate the plurality of CRLs, the processing device is to: generate a CRL comprising a record of the revoked certificates since a first periodic interval. 18. The non-transitory computer-readable storage medium of claim 17, wherein to determine the cumulative number of revoked certificates, the processing device is to: determine a number of revoked certificates listed in the CRL. 19. The non-transitory computer-readable storage medium of claim 15, wherein the test data comprises at least one of a serial number, a revocation date, a description of a reason for revoking the certificate, or an invalidity period. 20. The non-transitory computer-readable storage medium of claim 15, wherein to send a notification, the processing device is to: display the cumulative number of revoked certificates via a user interface.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허를 인용한 특허 (1)
Gustafsson, Greger, Method and apparatus for reliable token revocation.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.