Apple Inc.
Obtaining and using time information on a secure element (SE)

Abstract:

A secure element (SE) with a notion of time useful for checking secure items is disclosed herein. Use of Public Key Infrastructure (PKI) with secure elements is improved by verifying secure items used by an SE. Methods of obtaining time information by the SE include push, pull, opportunistic, local interface, and multi-check methods. The SE uses the time information to evaluate arriving and stored public key certificates and to discard those which fail the evaluation. The SE, in some embodiments, uses the time information in cooperation with certificate revocation lists (CRLs) and/or online certificate status protocol (OCSP) stapling procedures. A multi-check architecture is provided herein by which more than entity is involved in checking a time value before the time value reaches the SE. The multi-check architecture uses both PKI and blockchain techniques.