1. Patent Search
  2. Details

METHOD FOR THE CERTIFICATION OF ELECTRONIC MAIL CONTAINING A RECOGNISED ELECTRONIC SIGNATURE ON THE PART OF A TELECOMMUNICATIONS OPERATOR

20190013951 ยท 2019-01-10

    Inventors

    Cpc classification

    International classification

    Abstract

    The object of the invention is a method for the certification of electronic mails with a recognised electronic signature wherein a telecommunications operator certifies the sending of a certified electronic mail on the part of a user client of said operator to another user non-client of the telecommunications operator respecting at all times the chain of custody and the original recognised electronic signatures in the resending and the certification, generating evidence at all times of the transaction, in such a way that it can be used as reinforced evidence in any court or as a reliable demonstration of a given transaction.

    Claims

    1.-7. (canceled)

    8. A method of certification of digitally signed electronic mail which is carried out by means of a telecommunications operator, the method comprising: i. generation by a transmitter, which is a user of the telecommunications operator, of at least one electronic mail, ii. making the electronic mail arrive at a client mail server of the telecommunications operator, iii. sending the electronic mail to: a mail destination server through the internet to make it arrive at a certified mail destination, and an incoming mail server of the operator, iv. certifying the electronic mail wherein said certification in turn comprises generating a copy of the electronic mail and decomposing the electronic mail into its parts wherein said parts comprise: transmission details, reception details and content of the mail, the method of certification of the digitally signed electronic mail being characterised in that it comprises: i. dumping the copy of the electronic mail and its parts, once the copy has been decomposed, in a first database, ii. dumping of the certified mail in a second database which comprises elements that have been made to arrive at the operator's outgoing mail server, iii. encapsulating the copy of the electronic mail in a container, iv. generating a certified mail which comprises the encapsulated copy of the electronic mail and making it arrive at an operator's outgoing mail server, v. making the certified mail arrive at the mail destination server from the operator's outgoing mail server, vi. making the certified mail arrive from the mail destination server to: a. the certified mail destination, and b. the operator's outgoing mail server, vii. carrying out a delivery check of the certified mail at the certified mail destination, viii. generating a certificate by means of a certification server of the telecommunications operator wherein said certificate comprises: a. a first part which in turn comprises: transmission details, reception details and content of the mail, and b. a second part which in turn comprises details of the arrival of the certificate at the operator's outgoing mail server, and c. a digital signature and a timestamp of the telecommunications operator, and ix. making the certificate arrive at the transmitter.

    9. The method of claim 8 further comprising checking that the transmitter has certification privileges by means of comparison with a list of users/privileges, check that is carried out by means of sending the electronic mail to a certification data processing server.

    10. The method of claim 8 wherein the delivery check gives as a result a non-delivery of the certified mail at the certified mail destination, the method further comprising adding to the certificate details referring to the non-delivery wherein said details comprise: time of attempted delivery and delivery address.

    11. The method of claim 8 wherein the delivery check gives as a result a delivery of the certified mail at the certified mail destination, the method further comprising a verification subsequent to the generation of the first part in step viii.a, wherein said verification comprises in turn checking whether the certified mail destination server is on a list of bouncing/blacklisting servers which by default accept all messages and later reject them when the corresponding certified mail addressee does not exist.

    12. The method of claim 8 wherein the verification gives as a result that the certified mail destination server is on the list of bouncing/blacklisting servers, the method being characterised in that additionally it comprises adding to the certificate details referring to the non-existence of the addressee at the certified mail destination server.

    Description

    DESCRIPTION OF THE DRAWINGS

    [0022] To complement the description being made and for the purpose of contributing to a better understanding of the invention, according to a preferred example of a practical embodiment thereof, a set of drawings is attached as an integral part of said description, wherein by way of illustration and not limitation, the following has been represented:

    [0023] FIG. 1.Shows a flow chart of an example of embodiment of the method that is the object of the invention of the start of creation of the certified electronic mail and the delivery or not of the encapsulated copy.

    [0024] FIG. 2.Shows a flow chart of an example of embodiment of the method that is the object of the invention of the composition and sending of the final certificate in the cases of delivery or non-delivery of the encapsulated electronic mail.

    PREFERRED EMBODIMENT OF THE INVENTION

    [0025] In the light of FIGS. 1 and 2 wherein a series of diagrams are represented referring to a method that is the object of the invention, method intended to certify electronic mails containing a recognised electronic signature on the part of a telecommunications operator comprising from sending an electronic mail from a transmitter (1,2,3), user of the telecommunications operator, through to reception of the certificate confirming the sending was effected, it was delivered, with the content and transmission details used, all of the above signed with a recognised electronic signature of the operator and timestamp of a third party.

    [0026] The transmitting user client of the telecommunications operator, when wishing to send a certified electronic mail send the mail through any platform, PC, Tablet or mobile phone copying a mail address of an incoming mail server of the telecommunications operator such as for example correo@certificado.lleida.net. To do this, on the part of a the transmitter (1,2,3), which is a user of the telecommunications operator, at least one electronic mail is generated, to make the electronic mail arrive at a client mail server of the telecommunications operator (4,15) for example the electronic mail is sent to the client mail server of Lleida.net, the latter belonging to any internet provider, and it is delivered to a destination server which for legal purposes is the authorised electronic representative, in other words it is made to arrive at a mail destination server (7, 24) via the internet (5) to make it arrive at a certified mail destination (8,25), since it is at internet level where messages can be delivered to a determined destination, likewise a copy of this message is delivered to an incoming mail server of the operator (9), the incoming mail server of Lleida.net in this example.

    [0027] The operator's incoming mail server (9) sends the electronic mail to a certification data processing server (Mailcert) which forms part of the telecommunications operator and will check whether the user is on the white list, in other words, is registered with the system to be able to send certified electronic mails. If not registered, the mail is ignored, if registered it moves on to verifying that the user has credit, this implies checking (10) that the user (1,2,3) has certification privileges by means of comparison with a list of users/privileges, check which is carried out by means of sending the electronic mail to a certification data processing server.

    [0028] If the user in question does not have any credit, an electronic mail is generated indicating the lack of same, sending it to an outgoing mail server of the operator (23,26,38,50) which will deliver it finally to the user (1,2,3) which is the user client of the communications operator.

    [0029] If the user does have credit then it proceeds to certify (17) the electronic mail wherein said certification in turn comprises generating a copy (18) of the electronic mail and decomposing the electronic mail into its parts wherein said parts comprise: transmission details, reception details and content of the mail for processing of same, said details being preferably saved in a first database (19,32,43) together with the copy (18).

    [0030] Subsequently the copy (18) of the electronic mail is encapsulated (20) in a container and a certified mail (21) is generated which comprises the encapsulated copy (18) of the electronic mail then made to arrive at an outgoing mail server of the operator (23,26), to make the certified mail (21) arrive at the mail destination server (7, 24) from the operator's outgoing mail server (23,26,38,50) and to make the certified mail (21) arrive from the mail destination server (7, 24) to: the certified mail destination (8,25), and to the operator's outgoing mail server (23,26,38,50).

    [0031] A certified mail (21) is generated from an electronic mail address with origin in the certification data processing server that forms part of the telecommunications operator as can be: service@correo electrnicocert.lleida.net with the subject of the message being CERTIFIED ELECTRONIC MAIL, adding the text of the original subject, and as many control texts as may be considered necessary. The fact of being sent as certification server service@correo electrnicocert.lleida.net from the telecommunications operator and not placing as origin the original electronic mail address of the client allows the service to be DMARC-compliant as it does not supplant the client, in spite of giving us authorisation to deliver an electronic mail on the client's behalf.

    [0032] Within the text of the certified mail (21) a banner is included and indications confirming that it is a certified message and finally it is encapsulated (20), in other words, the entire original message is included for the purpose of respecting the original recognised electronic signatures to avoid any manipulation of the inside breaking the recognised signature and generating mistrust as to the veracity of the message. The encapsulated copy (18) of the electronic mail is saved in a second database (22,33,46) and is made to arrive at the operator's outgoing mail server (23,26,38,50) for sending of same.

    [0033] The operator's outgoing mail server (23,26,38,50) will deliver the encapsulated copy (18) of the electronic mail, for its delivery, but even so will wait for a subsequent time of between 10 minutes and one hour for a subsequent rejection response, in other words, initially the electronic mail server at the destination will accept everything in the first instance and subsequently it will reject it, this being a behaviour that the system self-adjusts to automatically.

    [0034] If the certified electronic mail was finally able to be delivered, the method moves on to the OK process of FIG. 2 and if the certified electronic mail could not be delivered then it moves on to the NOOK process also present in FIG. 2.

    [0035] The operator's outgoing mail server (23,26,38,50), will deliver the encapsulated electronic mail to its authorised digital representative, for its delivery, but even so will wait for a subsequent time of between 10 minutes and one hour for a subsequent rejection response, in other words, initially a mail destination server (7, 24) accepts everything in the first instance and subsequently rejects it, this being a behaviour that the method described herein self-adjusts to automatically.

    [0036] There is a check of delivery (27) of the certified mail (21) at the certified mail destination (8,25). If the certified mail (21) was finally able to be delivered, the method moves on to the OK process of FIG. 2 and if the certified electronic mail was not able to be delivered the method moves on to the NOOK process also present in FIG. 2.

    [0037] With the certified mail (21) delivered the method moves on to the process of generating a certificate (37,49) of the operator itself, in other words the certified mail (21) is made to arrive from the mail destination server (7, 24) to the certified mail destination (8,25), and to the operator's outgoing mail server (23,26,38,50) given that on carrying out the delivery check (27) of the certified mail (21) at the certified mail destination (8,25) an OK was obtained. Next, a certificate (37,49) is generated by means of a certification server (30,41) of the telecommunications operator wherein said certificate (37,49) comprises a first part (31,42) which in turn comprises transmission details, reception details and content of the mail, and a second part (34,45) which in turn comprises details of the arrival of the certificate (21) at the operator's outgoing mail server (23,26), and a digital signature and a timestamp (35,48) of the telecommunications operator.

    [0038] To do this, the content and original electronic mails are recovered from the first database (19,32,43) of initial copy composing the first part of the certificate (37,49). Once this is done, it is verified whether the mail destination server (7, 24) is on the bouncing/blacklisting list, by means of a verification (44) subsequent to the generation of the first part (31,42) wherein said verification (44) comprises checking whether the destination server of the certified electronic mail (8,25) is on a list of bouncing/blacklisting servers which by default accept all messages and subsequently reject them when the addressee of the corresponding certified mail (8,25) does not exist. In other words, it is verified (44) whether it is or not on the list of servers which by default accept all messages and later reject them when the user does not exist, checking whether a subsequent message of rejection has arrived from the mail destination server (7, 24). If a subsequent message of rejection has arrived then the method moves on to the NOOK process.

    [0039] If the verification (44) gives as a result that the certified mail destination server (8,25) is on the list of bouncing/blacklisting servers, it is proceeded to add to the certificate (37,49) details referring to the non-existence of the addressee at the certified mail destination server (8,25). If the verification (44) gives as a result that the mail destination server (7, 24) is not on the blacklist or bouncing list the second part of the certificate is composed with all of the transactional details, adding the timestamp (35,48) of a third party and signing the certificate (37,49) with the recognised electronic signature of the telecommunications operator as indicated previously in describing the content of the second part (34,45) of the certificate (37,49).

    [0040] Having finalised the certificate (37,49), an electronic mail is generated to which this generated certificate (37,49) is attached, which is sent to the telecommunications operator's outgoing mail server (23,26), which will deliver it finally to the electronic representative authorised to deliver it to the client.

    [0041] The NOOK process is the process that is used when for any circumstance it has not been possible to deliver the certified mail (21) to the certified mail destination (8,25), emphasising that in the process of sending reliable notifications, both delivery and non-delivery are just as important, given that the aim is to demonstrate a publicly explicit and express will to send a content even if there may be circumstances that prevent it, transforming the reliable notification into a diligent one; in other words, everything technically possible has been done to effect the delivery.

    [0042] Once it is determined that the certified mail (21) moves onto the NOOK process the certificate (37,49) is recomposed again identifying the addressee and including the latter's details in the certificate (37,49) along with all vicissitudes that have prevented effective delivery of the message to its authorised electronic representative, for example it is possible to add to the certificate (37,49) details referring to the non-delivery such as the time of attempted delivery, delivery address, identification of the addressee, etc. Once the certificate (37,49) is completed, it is electronically signed with the recognised digital signature of the telecommunications operator and the timestamp of a third party is added to it.

    [0043] Once the document is signed, an electronic mail is generated to which this pdf document is attached and it is sent by electronic mail to the transmitter (1,2,3), which is a user of the telecommunications operator.

    [0044] With the finally generated certificates (37,49), the transmitter (1,2,3), which is a user of the telecommunications operator, can demonstrate reliably that it sent a certified mail (21) to a determined certified mail destination (8,25), using its own recognised electronic signature without modifying the electronic mail in any of its transactions or preventing its delivery due to the new standards implemented on the internet.