next up previous contents index
Next: Index Up: Network Application Security Using Previous: 6 Conclusions   Contents   Index

Bibliography

1
D. Eastlake 3rd.
DNS Request and Transaction Signatures ( SIG(0)s), September 2000.
RFC 2931.

2
America Online Instant Messenger.
World Wide Web, http://www.aol.com/aim/, Last visited 9 November 2001.

3
D. Atkins, W. Stallings, and P. Zimmermann.
PGP Message Exchange Formats, August 1996.
RFC 1991.

4
A. Back.
PGP Timeline and Brief History.
World Wide Web, http://www.cypherspace.org/~adam/timeline/, Last visited 9 November 2001.

5
D. Balenson.
Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers, February 1993.
RFC 1423.

6
S. M. Bellovin.
Using the Domain Name System for System Break-Ins.
In Proceedings of the Fifth Usenix UNIX Security Symposium, June 1995.

7
T. Berners-Lee, R. Fielding, and H. Frystyk.
Hypertext Transfer Protocol--HTTP/1.0, May 1996.
RFC 1945.

8
Berkeley Internet Naming Daemon.
World Wide Web, http://www.isc.org/bind/, Last visited 9 November 2001.
version 9.0.0.

9
M. Branchaud.
A Survey of Public-Key Infrastructures.
Master's thesis, McGill University, Montreal, March 1997.

10
CCITT.
Recommendation X.500: The Directory: Overview of Concepts, Models and Services.
Technical report, ISO/IEC 9594, 1988.
Also published as ISO/IEC 9594.

11
CCITT.
Recommendation X.509: The Directory--Authentication Framework.
Technical report, 1988.
Also published as ISO/IEC 9594-8.

12
M. Crispin.
Internet Message Access Protocol--Version 4rev1, December 1996.
RFC 2060.

13
D. Crocker.
Standard for the format of ARPA Internet text messages, August 1982.
RFC 822.

14
S. Crocker, N. Freed, J. Galvin, and S. Murphy.
MIME Object Security Services, October 1995.
RFC 1848.

15
T. Dierks and C. Allen.
The TLS Protocol Version 1.0, January 1999.
RFC 2246.

16
W. Diffie and M. Hellman.
New Directions in Cryptography.
IEEE Transactions on Information Theory, vol IT-22(no. 6):644-654, 1976.

17
C. Dinkel.
Secure Data Network System (SDNS) Network, Transport, and Message Security Protocols, volume U.S. Department of Commerce, National Institute of Standards and Technology, report NISTIR 90-4250.
1990.

18
IETF DNS Extensions Workgroup.
World Wide Web, http://www.ietf.org/html.charters/dnsext-charter.html, Last visited 9 November 2001.
Workgroup chaired by Olafur Gudmundsson and Randy Bush.

19
D. Eastlake.
Secure Domain Name System Dynamic Update, April 1997.
RFC 2137.

20
D. Eastlake.
Domain Name System Security Extensions, March 1999.
RFC 2535.

21
D. Eastlake and O. Gudmundsson.
Storing Certificates in the Domain Name System (DNS), March 1999.
RFC 2538.

22
M. Elkins.
MIME Security with Pretty Good Privacy (PGP), October 1996.
RFC 2015.

23
E. A. Young et al.
OpenSSL.
World Wide Web, http://www.openssl.org/, Last visited 9 November 2001.

24
G. Combs et al.
Ethereal.
World Wide Web, http://ethereal.zing.org/, Last visited 9 November 2001.

25
Menezes et al.
Handbook of applied Cryptography.
CRC Press, 1996.
World Wide Web, http://www.cacr.math.uwaterloo.ca/hac/, Last visited 9 November 2001.

26
J. Feghhi, J. Feghhi, and P. Williams.
Digital Certificates.
Addison Wesley, 1999.

27
FidoNet Policy Document.
World Wide Web, http://www.fidonet.org/policy4.txt, Last visited 9 November 2001, June 1989.

28
R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee.
Hypertext Transfer Protocol--HTTP/1.1, June 1999.
RFC 2616.

29
W. Ford and M. S. Baum.
Secure Electronic Commerce.
Prentice Hall, 1997.

30
N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part Five: Conformance Criteria and Examples, November 1996.
RFC 2049.

31
N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, November 1996.
RFC 2045.

32
N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types, November 1996.
RFC 2046.

33
N. Freed, J. Klensin, and J. Postel.
Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures, November 1996.
RFC 2048.

34
A. Frier, P. Karlton, and P. Kocher.
The SSL 3.0 Protocol, November 1996.
Netscape Communications Corporation.

35
J. Galvin, S. Murphy, S. Crocker, and N. Freed.
Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted, October 1995.
RFC 1847.

36
R. E. Gantenbein.
The Ethics of Information: Protecting Privacy in the Computer Age.
World Wide Web, http://www.cs.uwyo.edu/~rex/privacy.html, Last visited 9 November 2001, February 1998.

37
O. Goldreich.
Foundations of Cryptography Vol 1.
Cambridge University Press, 2001.

38
A. Gulbrandsen and P. Vixie.
A DNS RR for specifying the location of services (DNS SRV), October 1996.
RFC 2052.

39
M. Hamilton and R. Wright.
Use of DNS Aliases for Network Services, October 1997.
RFC 2219.

40
M. Hauben and R. Hauben.
Netizens--On the History and Impact of the Net.
World Wide Web, http://www.columbia.edu/~hauben/netbook/, Last visited 9 November 2001, April 1995.

41
R. Hedberg and L. Johansson.
Connection-less Lightweight Directory Access Protocol, May 2000.
Work in Progress, draft-ietf-ldapext-cldap-00.txt.

42
R. Hedberg and R. Moats.
A Taxonomoy of Methods for LDAP Clients Finding Servers, September 2000.
Work in Progress, draft-ietf-ldapext-ldap-taxonomy-03.txt.

43
K.E.B. Hickman.
The SSL Protocol.
World Wide Web, http://home.netscape.com/eng/security/SSL_2.html, Last visited 9 November 2001, February 1995.
Netscape Communications Corporation.

44
R. Housley.
Cryptographic Message Syntax, June 1999.
RFC 2630.

45
R. Housley and P. Hoffman.
Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP, May 1999.
RFC 2585.

46
What is ICQ?
World Wide Web, http://www.icq.com/products/whatisicq.html, Last visited 9 November 2001.

47
American National Standards Institute.
American National Standard for Financial Institution Message Authentication, 1986.
ANSI X9.9.

48
An Introduction to Internet Relay Chat (IRC).
World Wide Web, http://www.newircusers.com/ircchat.html, Last visited 9 November 2001.

49
ITU-T.
ITU-T recommendation X.680-X.683.
Technical report, 1997.
Also published as ISO/IEC 8824-1:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Specification of Basic Notation'', ISO/IEC 8824-2:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Information Object Specification'', ISO/IEC 8824-3:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Constraint Specification'', ISO/IEC 8824-4:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 Specifications''.

50
S. Josefsson.
Authenticating denial of existence in DNS with minimum disclosure (or; An alternative to DNSSEC NXT records), August 2000.
Work in Progress, draft-ietf-dnsext-not-existing-rr-00.txt.

51
S. Josefsson.
Base 64, 32 and 16 Encodings, August 2000.
Work in Progress, draft-josefsson-base-encoding-00.txt.

52
S. Josefsson.
Ethereal Network Dumps, raw data.
World Wide Web, http://josefsson.org/exjobb/, Last visited 9 November 2001, September 2000.

53
J. Jung, E. Sit, H. Balakrishnan, and R. Morris.
DNS Performance and the Effectiveness of Caching.
In Proceedings of the ACM SIGCOMM Internet Measurement Workshop, 2001, 2001.

54
B. Kaliski.
A Layman's Guide to a Subset of ASN.1, BER, and DER.
Technical report, RSA Security, November 1993.

55
B. Kaliski.
Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services, February 1993.
RFC 1424.

56
S. Kent.
Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management, February 1993.
RFC 1422.

57
J. Klensin, R. Catoe, and P. Krumviede.
IMAP/POP AUTHorize Extension for Simple Challenge/Response, September 1997.
RFC 2195.

58
L.M. Kohnfelder.
Towards a Practical Public-Key Cryptosystem.
Master's thesis, MIT, May 1978.

59
H. Krawczyk, M. Bellare, and R. Canetti.
HMAC: Keyed-Hashing for Message Authentication, February 1997.
RFC 2104.

60
RSA Laboratories.
PKCS 7: Cryptographic Message Syntax Standard.
Technical report, RSA Security, November 1993.

61
L. Lamport.
LATEXUser's Guide and Reference Manual.
Addison-Wesley, 2nd edition, 5th printing edition, 1996.

62
A. Larsson.
Dia.
World Wide Web, http://www.lysator.liu.se/~alla/dia/, Last visited 9 November 2001.

63
P. Leach and C. Newman.
Using Digest Authentication as a SASL Mechanism, May 2000.
RFC 2831.

64
J. Linn.
Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures, February 1993.
RFC 1421.

65
J. Linn.
Generic Security Service Application Program Interface Version 2, Update 1, January 2000.
RFC 2743.

66
M. Nystrom and J. Brainard.
An X.509-Compatible Syntax for Compact Certificates., In Proceedings of Secure Networking, CQRE, LNCS 1740, 1999.

67
D. Massey, T. Lehman, and E. Lewis.
DNSSEC Implementation in the CAIRN Testbed.
Technical report, CAIRN, October 1999.
Work in progress, Internet-Draft draft-ietf-dnsop-dnsseccairn-00.txt.

68
R.C. Merkle.
Secure Communication Over Insecure Channels.
Communications of the ACM, vol 21(no. 4):pp. 294-299, 1978.

69
OSI X.400 Message Handling System Model, 1984.
section 2.2.1.

70
S.P. Miller, B.C. Neuman, J.I. Schiller, and J.H. Saltzer.
Kerberos Authentication and Authorization System.
MIT Project Athena Documentation Section E.2.1, December 1987.

71
P.V. Mockapetris.
Domain names--implementation and specification, November 1987.
RFC 1035.

72
K. Moore.
MIME (Multipurpose Internet Mail Extensions) Part Three: Message Header Extensions for Non-ASCII Text, November 1996.
RFC 2047.

73
J. Myers.
Simple Authentication and Security Layer (SASL), October 1997.
RFC 2222.

74
J. Myers and M. Rose.
Post Office Protocol--Version 3, May 1996.
RFC 1939.

75
Netscape NetCenter.
World Wide Web, http://home.netscape.com/netcenter/whitepages.html, Last visited 9 November 2001.

76
NIC-SE.
Reports on DNSSEC.
World Wide Web, http://www.nic-se.se/dnssec/, Last visited 9 November 2001.

77
NIST.
Secure Hash Standard.
Technical Report FIPS PUB 180-1, April 1995.

78
M. Nystrom.
The SecurID(r) SASL Mechanism, April 2000.
RFC 2808.

79
OpenLDAP.
World Wide Web, http://www.openldap.org/, Last visited 9 November 2001.
version 1.2.9.

80
J. Palme.
History of the KOM computer conferencing system.
World Wide Web, http://www.dsv.su.se/jpalme/s1/history-of-KOM.html, Last visited 9 November 2001, October 1997.

81
J. Postel.
User Datagram Protocol, August 1980.
RFC 768.

82
J. Postel.
Internet Protocol, September 1981.
RFC 791.

83
J. Postel.
Transmission Control Protocol, September 1981.
RFC 793.

84
J. Postel.
Simple Mail Transfer Protocol, August 1982.
RFC 821.

85
B. Ramsdell and Ed.
S/MIME Version 3 Certificate Handling, June 1999.
RFC 2632.

86
B. Ramsdell and Ed.
S/MIME Version 3 Message Specification, June 1999.
RFC 2633.

87
R. Rivest.
Can We Eliminate Certificate Revocation Lists.
Financial Cryptography, Rafael Hirschfeld, Ed., Anguilla, British West Indies, vol. 1465:pp. 178-183, February 1998.
Springer.

88
R.L. Rivest, A. Shamir, and L. Adleman.
A Method for Obtaining Digital Signatures and Public-Key Cryptosystems.
Communications of the ACM, 21(2):120-126, February 1978.

89
B. Schneier.
Applied Cryptography.
Wiley, second edition edition, 1996.

90
M. UMEDA and L.M. Ingebrigtsen et al.
Gnus.
World Wide Web, http://www.gnus.org/, Last visited 9 November 2001.

91
U.S. Department of Commerce.
Data Encryption Standard.
Federal Information Processing Standards Publication FIPS PUB 46, 1977.
Republished as FIPS PUB 46-2 in 1994.

92
VeriSign Directory.
World Wide Web, http://digitalid.verisign.com/services/client/, Last visited 9 November 2001.

93
P. Vixie, Ed., S. Thomson, Y. Rekhter, and J. Bound.
Dynamic Updates in the Domain Name System (DNS UPDATE), April 1997.
RFC 2136.

94
P. Vixie, O. Gudmundsson, D. Eastlake, and B. Wellington.
Secret Key Transaction Authentication for DNS (TSIG), May 2000.
RFC 2845.

95
M. Wahl, H. Alvestrand, J. Hodges, and R. Morgan.
Authentication Methods for LDAP, May 2000.
RFC 2829.

96
M. Wahl, T. Howes, and S. Kille.
Lightweight Directory Access Protocol (v3), December 1997.
RFC 2251.

97
Whitepages.
World Wide Web, http://www.whitepages.com, Last visited 9 November 2001.

98
P. R. Zimmermann.
The Official PGP User's Guide.
MIT Press, 1995.



2002-01-07