Bibliography

Next: Index Up: Network Application Security Using Previous: 6 Conclusions Contents Index

Bibliography

1: D. Eastlake 3rd.
DNS Request and Transaction Signatures ( SIG(0)s), September 2000.
RFC 2931.
2: America Online Instant Messenger.
World Wide Web, http://www.aol.com/aim/, Last visited 9 November 2001.
3: D. Atkins, W. Stallings, and P. Zimmermann.
PGP Message Exchange Formats, August 1996.
RFC 1991.
4: A. Back.
PGP Timeline and Brief History.
World Wide Web, http://www.cypherspace.org/~adam/timeline/, Last visited 9 November 2001.
5: D. Balenson.
Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers, February 1993.
RFC 1423.
6: S. M. Bellovin.
Using the Domain Name System for System Break-Ins.
In Proceedings of the Fifth Usenix UNIX Security Symposium, June 1995.
7: T. Berners-Lee, R. Fielding, and H. Frystyk.
Hypertext Transfer Protocol--HTTP/1.0, May 1996.
RFC 1945.
8: Berkeley Internet Naming Daemon.
World Wide Web, http://www.isc.org/bind/, Last visited 9 November 2001.
version 9.0.0.
9: M. Branchaud.
A Survey of Public-Key Infrastructures.
Master's thesis, McGill University, Montreal, March 1997.
10: CCITT.
Recommendation X.500: The Directory: Overview of Concepts, Models and Services.
Technical report, ISO/IEC 9594, 1988.
Also published as ISO/IEC 9594.
11: CCITT.
Recommendation X.509: The Directory--Authentication Framework.
Technical report, 1988.
Also published as ISO/IEC 9594-8.
12: M. Crispin.
Internet Message Access Protocol--Version 4rev1, December 1996.
RFC 2060.
13: D. Crocker.
Standard for the format of ARPA Internet text messages, August 1982.
RFC 822.
14: S. Crocker, N. Freed, J. Galvin, and S. Murphy.
MIME Object Security Services, October 1995.
RFC 1848.
15: T. Dierks and C. Allen.
The TLS Protocol Version 1.0, January 1999.
RFC 2246.
16: W. Diffie and M. Hellman.
New Directions in Cryptography.
IEEE Transactions on Information Theory, vol IT-22(no. 6):644-654, 1976.
17: C. Dinkel.
Secure Data Network System (SDNS) Network, Transport, and Message Security Protocols, volume U.S. Department of Commerce, National Institute of Standards and Technology, report NISTIR 90-4250.
1990.
18: IETF DNS Extensions Workgroup.
World Wide Web, http://www.ietf.org/html.charters/dnsext-charter.html, Last visited 9 November 2001.
Workgroup chaired by Olafur Gudmundsson and Randy Bush.
19: D. Eastlake.
Secure Domain Name System Dynamic Update, April 1997.
RFC 2137.
20: D. Eastlake.
Domain Name System Security Extensions, March 1999.
RFC 2535.
21: D. Eastlake and O. Gudmundsson.
Storing Certificates in the Domain Name System (DNS), March 1999.
RFC 2538.
22: M. Elkins.
MIME Security with Pretty Good Privacy (PGP), October 1996.
RFC 2015.
23: E. A. Young et al.
OpenSSL.
World Wide Web, http://www.openssl.org/, Last visited 9 November 2001.
24: G. Combs et al.
Ethereal.
World Wide Web, http://ethereal.zing.org/, Last visited 9 November 2001.
25: Menezes et al.
Handbook of applied Cryptography.
CRC Press, 1996.
World Wide Web, http://www.cacr.math.uwaterloo.ca/hac/, Last visited 9 November 2001.
26: J. Feghhi, J. Feghhi, and P. Williams.
Digital Certificates.
Addison Wesley, 1999.
27: FidoNet Policy Document.
World Wide Web, http://www.fidonet.org/policy4.txt, Last visited 9 November 2001, June 1989.
28: R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee.
Hypertext Transfer Protocol--HTTP/1.1, June 1999.
RFC 2616.
29: W. Ford and M. S. Baum.
Secure Electronic Commerce.
Prentice Hall, 1997.
30: N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part Five: Conformance Criteria and Examples, November 1996.
RFC 2049.
31: N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, November 1996.
RFC 2045.
32: N. Freed and N. Borenstein.
Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types, November 1996.
RFC 2046.
33: N. Freed, J. Klensin, and J. Postel.
Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures, November 1996.
RFC 2048.
34: A. Frier, P. Karlton, and P. Kocher.
The SSL 3.0 Protocol, November 1996.
Netscape Communications Corporation.
35: J. Galvin, S. Murphy, S. Crocker, and N. Freed.
Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted, October 1995.
RFC 1847.
36: R. E. Gantenbein.
The Ethics of Information: Protecting Privacy in the Computer Age.
World Wide Web, http://www.cs.uwyo.edu/~rex/privacy.html, Last visited 9 November 2001, February 1998.
37: O. Goldreich.
Foundations of Cryptography Vol 1.
Cambridge University Press, 2001.
38: A. Gulbrandsen and P. Vixie.
A DNS RR for specifying the location of services (DNS SRV), October 1996.
RFC 2052.
39: M. Hamilton and R. Wright.
Use of DNS Aliases for Network Services, October 1997.
RFC 2219.
40: M. Hauben and R. Hauben.
Netizens--On the History and Impact of the Net.
World Wide Web, http://www.columbia.edu/~hauben/netbook/, Last visited 9 November 2001, April 1995.
41: R. Hedberg and L. Johansson.
Connection-less Lightweight Directory Access Protocol, May 2000.
Work in Progress, draft-ietf-ldapext-cldap-00.txt.
42: R. Hedberg and R. Moats.
A Taxonomoy of Methods for LDAP Clients Finding Servers, September 2000.
Work in Progress, draft-ietf-ldapext-ldap-taxonomy-03.txt.
43: K.E.B. Hickman.
The SSL Protocol.
World Wide Web, http://home.netscape.com/eng/security/SSL_2.html, Last visited 9 November 2001, February 1995.
Netscape Communications Corporation.
44: R. Housley.
Cryptographic Message Syntax, June 1999.
RFC 2630.
45: R. Housley and P. Hoffman.
Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP, May 1999.
RFC 2585.
46: What is ICQ?
World Wide Web, http://www.icq.com/products/whatisicq.html, Last visited 9 November 2001.
47: American National Standards Institute.
American National Standard for Financial Institution Message Authentication, 1986.
ANSI X9.9.
48: An Introduction to Internet Relay Chat (IRC).
World Wide Web, http://www.newircusers.com/ircchat.html, Last visited 9 November 2001.
49: ITU-T.
ITU-T recommendation X.680-X.683.
Technical report, 1997.
Also published as ISO/IEC 8824-1:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Specification of Basic Notation'', ISO/IEC 8824-2:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Information Object Specification'', ISO/IEC 8824-3:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Constraint Specification'', ISO/IEC 8824-4:1998 ``Information Technology--Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 Specifications''.
50: S. Josefsson.
Authenticating denial of existence in DNS with minimum disclosure (or; An alternative to DNSSEC NXT records), August 2000.
Work in Progress, draft-ietf-dnsext-not-existing-rr-00.txt.
51: S. Josefsson.
Base 64, 32 and 16 Encodings, August 2000.
Work in Progress, draft-josefsson-base-encoding-00.txt.
52: S. Josefsson.
Ethereal Network Dumps, raw data.
World Wide Web, http://josefsson.org/exjobb/, Last visited 9 November 2001, September 2000.
53: J. Jung, E. Sit, H. Balakrishnan, and R. Morris.
DNS Performance and the Effectiveness of Caching.
In Proceedings of the ACM SIGCOMM Internet Measurement Workshop, 2001, 2001.
54: B. Kaliski.
A Layman's Guide to a Subset of ASN.1, BER, and DER.
Technical report, RSA Security, November 1993.
55: B. Kaliski.
Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services, February 1993.
RFC 1424.
56: S. Kent.
Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management, February 1993.
RFC 1422.
57: J. Klensin, R. Catoe, and P. Krumviede.
IMAP/POP AUTHorize Extension for Simple Challenge/Response, September 1997.
RFC 2195.
58: L.M. Kohnfelder.
Towards a Practical Public-Key Cryptosystem.
Master's thesis, MIT, May 1978.
59: H. Krawczyk, M. Bellare, and R. Canetti.
HMAC: Keyed-Hashing for Message Authentication, February 1997.
RFC 2104.
60: RSA Laboratories.
PKCS 7: Cryptographic Message Syntax Standard.
Technical report, RSA Security, November 1993.
61: L. Lamport.
L^ATEXUser's Guide and Reference Manual.
Addison-Wesley, 2nd edition, 5th printing edition, 1996.
62: A. Larsson.
Dia.
World Wide Web, http://www.lysator.liu.se/~alla/dia/, Last visited 9 November 2001.
63: P. Leach and C. Newman.
Using Digest Authentication as a SASL Mechanism, May 2000.
RFC 2831.
64: J. Linn.
Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures, February 1993.
RFC 1421.
65: J. Linn.
Generic Security Service Application Program Interface Version 2, Update 1, January 2000.
RFC 2743.
66: M. Nystrom and J. Brainard.
An X.509-Compatible Syntax for Compact Certificates., In Proceedings of Secure Networking, CQRE, LNCS 1740, 1999.
67: D. Massey, T. Lehman, and E. Lewis.
DNSSEC Implementation in the CAIRN Testbed.
Technical report, CAIRN, October 1999.
Work in progress, Internet-Draft draft-ietf-dnsop-dnsseccairn-00.txt.
68: R.C. Merkle.
Secure Communication Over Insecure Channels.
Communications of the ACM, vol 21(no. 4):pp. 294-299, 1978.
69: OSI X.400 Message Handling System Model, 1984.
section 2.2.1.
70: S.P. Miller, B.C. Neuman, J.I. Schiller, and J.H. Saltzer.
Kerberos Authentication and Authorization System.
MIT Project Athena Documentation Section E.2.1, December 1987.
71: P.V. Mockapetris.
Domain names--implementation and specification, November 1987.
RFC 1035.
72: K. Moore.
MIME (Multipurpose Internet Mail Extensions) Part Three: Message Header Extensions for Non-ASCII Text, November 1996.
RFC 2047.
73: J. Myers.
Simple Authentication and Security Layer (SASL), October 1997.
RFC 2222.
74: J. Myers and M. Rose.
Post Office Protocol--Version 3, May 1996.
RFC 1939.
75: Netscape NetCenter.
World Wide Web, http://home.netscape.com/netcenter/whitepages.html, Last visited 9 November 2001.
76: NIC-SE.
Reports on DNSSEC.
World Wide Web, http://www.nic-se.se/dnssec/, Last visited 9 November 2001.
77: NIST.
Secure Hash Standard.
Technical Report FIPS PUB 180-1, April 1995.
78: M. Nystrom.
The SecurID(r) SASL Mechanism, April 2000.
RFC 2808.
79: OpenLDAP.
World Wide Web, http://www.openldap.org/, Last visited 9 November 2001.
version 1.2.9.
80: J. Palme.
History of the KOM computer conferencing system.
World Wide Web, http://www.dsv.su.se/jpalme/s1/history-of-KOM.html, Last visited 9 November 2001, October 1997.
81: J. Postel.
User Datagram Protocol, August 1980.
RFC 768.
82: J. Postel.
Internet Protocol, September 1981.
RFC 791.
83: J. Postel.
Transmission Control Protocol, September 1981.
RFC 793.
84: J. Postel.
Simple Mail Transfer Protocol, August 1982.
RFC 821.
85: B. Ramsdell and Ed.
S/MIME Version 3 Certificate Handling, June 1999.
RFC 2632.
86: B. Ramsdell and Ed.
S/MIME Version 3 Message Specification, June 1999.
RFC 2633.
87: R. Rivest.
Can We Eliminate Certificate Revocation Lists.
Financial Cryptography, Rafael Hirschfeld, Ed., Anguilla, British West Indies, vol. 1465:pp. 178-183, February 1998.
Springer.
88: R.L. Rivest, A. Shamir, and L. Adleman.
A Method for Obtaining Digital Signatures and Public-Key Cryptosystems.
Communications of the ACM, 21(2):120-126, February 1978.
89: B. Schneier.
Applied Cryptography.
Wiley, second edition edition, 1996.
90: M. UMEDA and L.M. Ingebrigtsen et al.
Gnus.
World Wide Web, http://www.gnus.org/, Last visited 9 November 2001.
91: U.S. Department of Commerce.
Data Encryption Standard.
Federal Information Processing Standards Publication FIPS PUB 46, 1977.
Republished as FIPS PUB 46-2 in 1994.
92: VeriSign Directory.
World Wide Web, http://digitalid.verisign.com/services/client/, Last visited 9 November 2001.
93: P. Vixie, Ed., S. Thomson, Y. Rekhter, and J. Bound.
Dynamic Updates in the Domain Name System (DNS UPDATE), April 1997.
RFC 2136.
94: P. Vixie, O. Gudmundsson, D. Eastlake, and B. Wellington.
Secret Key Transaction Authentication for DNS (TSIG), May 2000.
RFC 2845.
95: M. Wahl, H. Alvestrand, J. Hodges, and R. Morgan.
Authentication Methods for LDAP, May 2000.
RFC 2829.
96: M. Wahl, T. Howes, and S. Kille.
Lightweight Directory Access Protocol (v3), December 1997.
RFC 2251.
97: Whitepages.
World Wide Web, http://www.whitepages.com, Last visited 9 November 2001.
98: P. R. Zimmermann.
The Official PGP User's Guide.
MIT Press, 1995.

2002-01-07