Abstract: Disclosed systems and methods provide for issuing a secure certificate using improved methods in verifying a Subscriber. In a sample embodiment, a Registering Entity maintains a database with reputation data that can be accessed by a Certification Authority. The Registering Entity may update reputation data based on a variety of events related to the domain name. The reputation data may be tracked on the domain name, URLs, domain name purchaser or registrant, and/or email addresses associated with the domain name. The reputation data may include various categories, such as email practices, website content, privacy policies and practices, fraudulent activities, domain name related complaints, overall reputation, etc. The Certification Authority may decide whether to issue or deny a secure certificate based on the reputation associated with the Subscriber's domain name. The reputation data may be digitally signed for authenticity. The reputation data may be stored in a digital certificate.

Abstract: Disclosed systems and methods provide for tracking of domain name related reputation by a domain name Registering Entity (e.g. Registry, Registrar, Reseller, etc.). The Registering Entity maintains a database with reputation data that can be accessed by the requesters. A domain name may be registered through the Registering Entity or a third party. The reputation data may be tracked on the domain name itself, URLs, domain name purchaser or registrant, or email addresses associated with the domain name. The reputation data may include various categories, such as email practices, website content, privacy policies and practices, fraudulent activities, domain name related complaints, digital certificates associated with the domain name, overall reputation, etc. The reputation data may be digitally signed for authenticity. The requester may decide whether to allow email messages or to visit URLs based on the domain name related reputation.

Abstract: Disclosed methods provide for presenting search engine results based on domain name related reputation data. The search engine may sort or order search engine results based on domain name related reputation data. In some cases links connected to low reputation domain names may be excluded from search engine results. Alternatively, the search engine may show reputation ratings next to the links in the search engine results. Thus, allowing the Internet user to determine whether to visit the link or not. The reputation data may be tracked on the domain name itself, URLs, domain name purchaser or registrant, or email addresses associated with the domain name. The reputation data may include various categories, such as email practices, website content, privacy policies and practices, fraudulent activities, domain name related complaints, overall reputation, etc. The reputation data may be digitally signed for authenticity. The reputation data may be stored in a digital certificate.

Abstract: Disclosed methods provide for publishing domain name related reputation data in WHOIS records. Reputation data may be published in the WHOIS records of the domain name. Reputation data may include values, ratings, or scores, as well as links or references to the locations where such values, ratings, or scores may be found (e.g. URL link). The reputation data may be tracked on the domain name itself, URLs, domain name purchaser or registrant, or email addresses associated with the domain name. The reputation data may include various categories, such as email practices, website content, privacy policies and practices, fraudulent activities, domain name related complaints, overall reputation, etc. The requester may decide whether to allow email messages or visit URLs based on the domain name related reputation. The reputation data in WHOIS may be digitally signed for authenticity. WHOIS data may blacklist or whitelist a resource.

Abstract: The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.

Abstract: The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.

Abstract: The present invention provides systems and methods for allowing an Email User to create a Public Key Infrastructure (PKI) Email Account and thereafter to digitally sign, send, verify and receive PKI encrypted emails over a computer network, such as the Internet. The systems and methods preferably include a Web-based Email System and a Certificate Authority that coordinate their actions to make the process of creating, maintaining and using the PKI Account as easy as possible for the Email User. In a preferred embodiment, a Keystore System may also be used to enhance the management and use of digital keypairs.

Abstract: The present invention provides methods for covering a plurality of domain names with a single certificate. This may be accomplished even if two or more of the domain names have different top level domains (TLDs). In certain embodiments, a Subscriber may be subjected to a vetting process as a prerequisite to allowing the Subscriber to create an account. Once the Subscriber has an account, the Subscriber may request a certificate, possibly covering multiple domain names, from the account without further vetting. In other embodiments, one or more domain names may be subjected to a vetting process prior to receiving a certificate. The history and prior usage of the domain name(s) may be examined to determine if a certificate should be issued for the domain names. Subjecting the domain names to a vetting process may also be done in combination with subjecting the Subscriber to a vetting process.

Abstract: The invention provides methods for efficiently registering a domain name and issuing a certificate without a Subscriber submitting a separate request for the certificate. In some embodiments, a notice may be provided to the Subscriber, after requesting to register a domain name, that a certificate may be issued for the domain name. The certificate may be saved in a Subscriber's account to enable the Subscriber to use the certificate at a later time. In yet other embodiments, a single vetting process may be used to facilitate one or more of: creating a Subscriber's account; registering a domain name; and issuing a certificate.

Abstract: The invention provides methods for efficiently registering a domain name and issuing a certificate without a Subscriber submitting a separate request for the certificate. A notice may be provided to the Subscriber after requesting to register the domain name that a credit for a certificate may be issued for the domain name. In other embodiments a credit may be given to the Subscriber for the certificate without receiving a separate request for the credit or certificate. The credit may be saved in a Subscriber's account to enable the Subscriber to use a certificate at a later time. In yet other embodiments, a single vetting process may be used to facilitate one or more of: creating a Subscriber's account; registering a domain name; and issuing a certificate.

Abstract: Methods and systems of the present invention allow for dynamic updates of digital certificates, such as X.509 SSL certificates. The updates are available via a subscription, where the subscription is a technical, administrative, and/or financial arrangements between a Subscriber and a Certification Authority or between a Hosting Provider and the Certification Authority, which allow for dynamic, and in some embodiments automatic, updates of the Subscriber's certificate. The Subscriber regularly requests updates from the Certification Authority (pull-type methods and systems) or the Certification Authority updates certificates on Subscriber's servers (push-type methods and systems). The invention anticipates a use of short lifespan certificates, which substantially overcomes the issues connected to revoked certificates. If a certificate was revoked it will shortly expire and the Certification Authority would not update it.

Abstract: Methods and systems of the present invention allow for dynamic updates of digital certificates, such as X.509 SSL certificates. The updates are available via a subscription, where the subscription is a technical, administrative, and/or financial arrangements between a Subscriber and a Certification Authority or between a Hosting Provider and the Certification Authority, which allow for dynamic, and in some embodiments automatic, updates of the Subscriber's certificate. The Hosting Provider regularly requests updates from the Certification Authority (pull-type methods and systems) or the Certification Authority updates certificates on Hosting Provider's servers (push-type methods and systems). The invention anticipates a use of short lifespan certificates, which substantially overcomes the issues connected to revoked certificates. If a certificate was revoked it will shortly expire and the Certification Authority would not update it.

Abstract: The present invention provides systems and methods for enabling encrypted communication capabilities for a Subscriber's Web Site, thereby allowing Customers to access the Subscriber's Web Site in a secure manner. A Hosting Provider, that hosts the Subscriber's Web Site, and a Certificate Authority (CA), that verifies the identity of the Subscriber, provide the Subscriber's Web Site with Secure Sockets Layer (SSL) encrypted communications capability. The Hosting Provider and CA communicate directly with each other as needed, typically via the Internet, without using the Subscriber as an intermediary in their communications.

Abstract: The present invention provides systems and methods for enabling encrypted communication capabilities for a Subscriber's Web Site, thereby allowing Customers to access the Subscriber's Web Site in a secure manner. The Subscriber may register a domain name associated with the Subscriber's Web Site using a proxy domain name service, thereby hindering its Customers ability to verify the owner of the Subscriber's Web Site. A Hosting Provider hosts the Subscriber's Web Site and a Certificate Authority (CA) verifies the identity of the Subscriber. In combination the Hosting Provider and CA provide the Subscriber's Web Site with Secure Sockets Layer (SSL) encrypted communications capability. The Hosting Provider and CA communicate directly with each other as needed, typically via the Internet, without using the Subscriber as an intermediary in their communications.