tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 2828


Internet Security Glossary

Part 8 of 8, p. 197 to 212
Prev RFC Part


prevText      Top      Up      ToC       Page 197 
4. References

   This Glossary focuses on the Internet Standards Process. Therefore,
   this set of references emphasizes international, governmental, and
   industry standards documents; only a few other texts are listed. RFCs
   are listed, but not Internet-Drafts, because the latter are not an
   archival document series and should not be cited or quoted in an RFC.

   [A3092]  American National Standards Institute, "American National
            Standard Data Encryption Algorithm", ANSI X3.92-1981, 30 Dec

   [A9009]  ---, "Financial Institution Message Authentication
            (Wholesale)", ANSI X9.9-1986, 15 Aug 1986.

   [A9017]  ---, "Financial Institution Key Management (Wholesale)",
            X9.17, 4 Apr 1985. [Defines procedures for the manual and
            automated management of keying material and uses DES to
            provide key management for a variety of operational

   [A9042]  ---, "Public key Cryptography for the Financial Service
            Industry: Agreement of Symmetric Keys Using Diffie-Hellman
            and MQV Algorithms", X9.42, 29 Jan 1999.

Top      Up      ToC       Page 198 
   [A9052]  ---, "Triple Data Encryption Algorithm Modes of Operation",
            X9.52-1998, ANSI approval 9 Nov 1998.

   [A9062]  ---, "Public Key Cryptography for the Financial Services
            Industry: The Elliptic Curve Digital Signature Algorithm
            (ECDSA)", X9.62-1998, ANSI approval 7 Jan 1999.

   [ABA]    American Bar Association, "Digital Signature Guidelines:
            Legal Infrastructure for Certification Authorities and
            Secure Electronic Commerce", Chicago, IL, 1 Aug 1996.

   [ACM]    Association for Computing Machinery, "Communications of the
            ACM", Jul 1998 issue with: Minerva M. Yeung, "Digital
            Watermarking"; Nasir Memom and Ping Wah Wong, "Protecting
            Digital Media Content"; and Scott Craver, Boon-Lock Yeo, and
            Minerva Yeung, "Technical Trials and Legal Tribulations".

   [Army]   U.S. Army Corps of Engineers, "Electromagnetic Pulse (EMP)
            and Tempest Protection for Facilities", EP 1110-3-2, 31 Dec

   [B7799]  British Standards Institution, "Information Security
            Management, Part 1: Code of Practice for Information
            Security Management", BS 7799-1:1999, effective 15 May 1999.

            ---, ---, "Part 2: Specification for Information Security
            Management Systems", BS 7799-2:1999, effective 15 May 1999.

   [Bell]   D. E. Bell and L. J. LaPadula, "Secure Computer Systems:
            Mathematical Foundations and Model", M74-244, The MITRE
            Corporation, Bedford, MA, May 1973. (Available as AD-771543,
            National Technical Information Service, Springfield, VA.)

   [CCIB]   Common Criteria Implementation Board, "Common Criteria for
            Information Technology Security Evaluation, Part 1:
            Introduction and General Model", ver. 2.1, CCIB-99-01, Aug

   [CIPSO]  Trusted Systems Interoperability Working Group, "Common IP
            Security Option", ver. 2.3, 9 Mar 1993. [A "work in
            progress" that is probably defunct.]

   [CSC1]   U.S. Department of Defense Computer Security Center,
            "Department of Defense Trusted Computer System Evaluation
            Criteria", CSC-STD-001-83, 15 Aug 1983. (Superseded by

Top      Up      ToC       Page 199 
   [CSC2]   ---, "Department of Defense Password Management Guideline",
            CSC-STD-002-85, 12 Apr 1985.

   [CSC3]   ---, "Computer Security Requirements: Guidance for Applying
            the Department of Defense Trusted Computer System Evaluation
            Criteria in Specific Environments", CSC-STD-003-85, 25 Jun

   [CSOR]   U.S. Department of Commerce, "General Procedures for
            Registering Computer Security Objects", National Institute
            of Standards Interagency Report 5308, Dec 1993.

   [Denn]   D. E. Denning, "A Lattice Model of Secure Information Flow",
            in "Communications of the ACM", vol. 19, no. 5, May 1976,
            pp. 236-243.

   [DH76]   W. Diffie and M. H. Hellman, "New Directions in
            Cryptography" in "IEEE Transactions on Information Theory",
            vol. IT-22, no. 6, Nov 1976, pp. 644-654.

   [DOD1]   U.S. Department of Defense, "Department of Defense Trusted
            Computer System Evaluation Criteria", DoD 5200.28-STD, 26
            Dec 1985. (Supersedes [CSC1].)

   [DOD2]   ---, Directive 5200.28, "Security Requirements for Automated
            Information Systems (AISs)", 21 Mar 1988.

   [DOD3]   ---, "X.509 Certificate Policy", ver. 2, Mar 1999.

   [DOD4]   ---, "NSA Key Recovery Assessment Criteria", 8 Jun 1998.

   [ElGa]   T. El Gamal, "A Public-Key Cryptosystem and a Signature
            Scheme Based on Discrete Logarithms" in "IEEE Transactions
            on Information Theory", vol. IT-31, no. 4, 1985, pp. 469-

   [EMV1]   Europay International S.A., MasterCard International
            Incorporated, and Visa International Service Association,
            "EMV '96 Integrated Circuit Card Specification for Payment
            Systems", ver. 3.1.1, 31 May 1998.

   [EMV2]   ---, "EMV '96 Integrated Circuit Card Terminal Specification
            for Payment Systems", ver. 3.1.1, 31 May 1998.

   [EMV3]   ---, EMV '96 Integrated Circuit Card Application
            Specification for Payment Systems", ver. 3.1.1, 31 May 1998.

Top      Up      ToC       Page 200 
   [For94]  W. Ford, "Computer Communications Security: Principles,
            Standard Protocols and Techniques", ISBN 0-13-799453-2,

   [For97]  W. Ford and M. Baum, "Secure Electronic Commerce: Building
            the Infrastructure for Digital Signatures and Encryption",
            ISBN 0-13-476342-4, 1994.

   [FP031]  U.S. Department of Commerce, "Guidelines for Automatic Data
            Processing Physical Security and Risk Management", Federal
            Information Processing Standards Publication (FIPS PUB) 31,
            Jun 1974.

   [FP039]  ---, "Glossary for Computer Systems Security", FIPS PUB 39,
            15 Feb 1976.

   [FP046]  ---, "Data Encryption Standard (DES)", FIPS PUB 46-2, 30 Dec

   [FP081]  ---, "DES Modes of Operation", FIPS PUB 81, 2 Dec 1980.

   [FP102]  ---, "Guideline for Computer Security Certification and
            Accreditation", FIPS PUB 102, 27 Sep 1983.

   [FP113]  ---, "Computer Data Authentication", FIPS PUB 113, 30 May

   [FP140]  ---, "Security Requirements for Cryptographic Modules", FIPS
            PUB 140-1, 11 Jan 1994.

   [FP151]  ---, "Portable Operating System Interface (POSIX)--System
            Application Program Interface [C Language]", FIPS PUB 151-2,
            12 May 1993

   [FP180]  ---, "Secure Hash Standard", FIPS PUB 180-1, 17 Apr 1995.

   [FP185]  ---, "Escrowed Encryption Standard", FIPS PUB 185, 9 Feb

   [FP186]  ---, "Digital Signature Standard (DSS)", FIPS PUB 186, 19
            May 1994.

   [FP188]  ---, "Standard Security Label for Information Transfer",
            FIPS PUB 188, 6 Sep 1994.

   [FPDAM]  Collaborative ITU and ISO/IEC meeting on the Directory,
            "Final Proposed Draft Amendment on Certificate Extensions",
            April 1999. (This draft proposes changes to [X.509].)

Top      Up      ToC       Page 201 
   [FPKI]   U.S. Department of Commerce, "Public Key Infrastructure
            (PKI) Technical Specifications: Part A--Technical Concept of
            Operations", National Institute of Standards, 4 Sep 1998.

   [I3166]  International Standards Organization, "Codes for the
            Representation of Names of countries and Their Subdivisions
            --Part 1: Country Codes", ISO 3166-1:1997.

            ---, --- "Part 2: Country Subdivision Codes", ISO/DIS 3166-

            ---, --- "Part 3: Codes for Formerly Used Names of
            Countries", ISO/DIS 3166-3.

   [I7498]  ---, "Information Processing Systems--Open Systems
            Interconnection Reference Model--[Part 1:] Basic Reference
            Model", ISO/IEC 7498-1. (Equivalent to ITU-T Recommendation

            ---, --- "Part 2: Security Architecture", ISO/IEC 7499-2.

            ---, --- "Part 4: Management Framework", ISO/IEC 7498-4.

   [I7812]  ---, "Identification cards--Identification of Issuers--Part
            1: Numbering System", ISO/IEC 7812-1:1993

            ---, --- "Part 2: Application and Registration Procedures",
            ISO/IEC 7812-2:1993.

   [I9945]  ---, "Portable Operating System Interface for Computer
            Environments", ISO/IEC 9945-1:1990.

   [I15408] ---, "Information Technology--Security Techniques--
            Evaluation criteria for IT Security--Part 1: Introduction
            and General Model", ISO/IEC 15408-1:1999.

   [ITSEC]  "Information Technology Security Evaluation Criteria
            (ITSEC): Harmonised Criteria of France, Germany, the
            Netherlands, and the United Kingdom", ver. 1.2, U.K.
            Department of Trade and Industry, Jun 1991.

   [Kahn]   David Kahn, "The Codebreakers: The Story of Secret Writing",
            The Macmillan Company, New York, 1967.

   [Knuth]  D. E. Knuth, Chapter 3 ("Random Numbers") in Volume 2
            ("Seminumerical Algorithms") of "The Art of Computer
            Programming", Addison-Wesley, Reading, MA, 1969.

Top      Up      ToC       Page 202 
   [Kuhn]   Markus G. Kuhn and Ross J. Anderson, "Soft Tempest: Hidden
            Data Transmission Using Electromagnetic Emanations", in
            David Aucsmith, ed., "Information Hiding, Second
            International Workshop, IH'98", Portland, Oregon, USA, 15-17
            Apr 1998, LNCS 1525, Springer-Verlag, ISBN 3-540-65386-4,
            pp. 124-142.

   [MISPC]  U.S. Department of Commerce, "Minimum Interoperability
            Specification for PKI Components (MISPC), Version 1",
            National Institute of Standards Special Publication 800-15,
            Sep 1997.

   [NCS01]  National Computer Security Center, "A Guide to Understanding
            Audit in Trusted Systems", NCSC-TG-001, 1 Jun 1988. (Part of
            the Rainbow Series.)

   [NCS04]  ---, "Glossary of Computer Security Terms", NCSC-TG-004,
            ver. 1, 21 Oct 1988. (Part of the Rainbow Series.)

   [NCS05]  ---, "Trusted Network Interpretation of the Trusted Computer
            System Evaluation Criteria", NCSC-TG-005, ver. 1, 31 Jul
            1987. (Part of the Rainbow Series.)

   [NCS25]  ---, "A Guide to Understanding Data Remanence in Automated
            Information Systems", NCSC-TG-025, ver. 2, Sep 1991. (Part
            of the Rainbow Series.)

   [NIST]   National Institute of Standards and Technology, "SKIPJACK
            and KEA Algorithm Specifications", ver. 2, 29 May 1998.

   [PGP]    Simson Garfinkel, "PGP: Pretty Good Privacy", O'Reilly &
            Associates, Inc., Sebastopol, CA, 1995.

   [PKCS]   Burton S. Kaliski, Jr., "An Overview of the PKCS Standards",
            RSA Data Security, Inc., 3 Jun 1991.

   [PKC07]  RSA Laboratories, "PKCS #7: Cryptographic Message Syntax
            Standard", ver. 1.5, RSA Laboratories Technical Note, 1 Nov

   [PKC10]  ---, "PKCS #10: Certification Request Syntax Standard", ver.
            1.0, RSA Laboratories Technical Note, 1 Nov 1993.

   [PKC11]  ---, "PKCS #11: Cryptographic Token Interface Standard",
            ver. 1.0, 28 Apr 1995.

Top      Up      ToC       Page 203 
   [R0768]  Postel, J., "User Datagram Protocol", STD 6, RFC 768, August

   [R0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September

   [R0792]  Postel, J., "Internet Control Message Protocol", STD 5, RFC
            792, September 1981. [See: RFC 1885.]

   [R0793]  Postel, J., ed., "Transmission Control Protocol", STD 7, RFC
            793, September 1981.

   [R0821]  Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC
            821, August 1982.

   [R0822]  Crocker, D., "Standard for the Format of ARPA Internet Text
            Messages", STD 11, RFC 822, August 1982.

   [R0854]  Postel, J. and J. Reynolds, "TELNET Protocol Specification",
            STD 8, RFC 854, May 1983.

   [R0959]  Postel, J. and J. Reynolds, "File Transfer Protocol (FTP)",
            STD 9, RFC 959, October 1985.

   [R1034]  Mockapetris, P., "Domain Names--Concepts and Facilities",
            STD 13, RFC 1034, November 1987.

   [R1157]  Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple
            Network Management Protocol (SNMP)" [version 1], STD 15, RFC
            1157, May 1990.

   [R1208]  Jacobsen O. and D. Lynch, "A Glossary of Networking Terms",
            RFC 1208, March 1991.

   [R1319]  Kaliski, B., "The MD2 Message-Digest Algorithm", RFC 1319,
            April 1992.

   [R1320]  Rivest, R., "The MD4 Message-Digest Algorithm", RFC 1320,
            April 1992.

   [R1321]  Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
            April 1992.

   [R1334]  Lloyd, B. and W. Simpson, "PPP Authentication Protocols",
            RFC 1334, October 1992.

   [R1413]  St. Johns, M., "Identification Protocol", RFC 1413, February

Top      Up      ToC       Page 204 
   [R1421]  Linn, J., "Privacy Enhancement for Internet Electronic Mail,
            Part I: Message Encryption and Authentication Procedures",
            RFC 1421, February 1993.

   [R1422]  Kent, S., "Privacy Enhancement for Internet Electronic Mail,
            Part II: Certificate-Based Key Management", RFC 1422,
            February 1993.

   [R1455]  Eastlake, D., "Physical Link Security Type of Service", RFC
            1455, May 1993.

   [R1457]  Housley, R., "Security Label Framework for the Internet",
            RFC 1457, May 1993.

   [R1492]  Finseth, C., "An Access Control Protocol, Sometimes Called
            TACACS", RFC 1492, July 1993.

   [R1507]  Kaufman, C., "DASS: Distributed Authentication Security
            Service", RFC 1507, September 1993.

   [R1510]  Kohl, J. and C. Neuman, "The Kerberos Network Authentication
            Service (V5)", RFC 1510, September 1993.

   [R1591]  Kohl, J. and C. Neuman, "Domain Name System Structure and
            Delegation", March 1994.

   [R1630]  Berners-Lee, T., "Universal Resource Identifiers in WWW",
            RFC 1630, June 1994.

   [R1661]  Simpson, W., ed., " The Point-to-Point Protocol (PPP)", STD
            51, RFC 1661, July 1994.

   [R1731]  Myers, J., "IMAP4 Authentication Mechanisms", RFC 1731,
            December 1994.

   [R1734]  Myers, J., "POP3 AUTHentication Command", RFC 1734, December

   [R1738]  Myers, J., Masinter, L. and M. McCahill, ed's., "Uniform
            Resource Locators (URL)", RFC 1738, December 1994.

   [R1750]  Eastlake, D., Crocker, S. and J. Schiller, "Randomness
            Recommendations for Security", RFC 1750, December 1994.

   [R1777]  Yeong, W., Howes, T. and S. Kille, "Lightweight Directory
            Access Protocol", RFC 1777, March 1995.

Top      Up      ToC       Page 205 
   [R1808]  Fielding, R., "Relative Uniform Resource Locators", RFC
            1808, June 1995.

   [R1824]  Danisch, H., "The Exponential Security System TESS: An
            Identity-Based Cryptographic Protocol for Authenticated Key-
            Exchange (E.I.S.S.-Report 1995/4)", RFC 1824, August 1995.

   [R1828]  Metzger, P. and W. Simpson, "IP Authentication using Keyed
            MD5", RFC 1828, August 1995.

   [R1829]  Karn, P., Metzger, P. and W. Simpson, "The ESP DES-CBC
            Transform", RFC 1829, August 1995.

   [R1848]  Crocker, S., Freed, N., Galvin, J. and S. Murphy, "MIME
            Object Security Services", RFC 1848, October 1995.

   [R1851]  Karn, P., Metzger, P. and W. Simpson, "The ESP Triple DES
            Transform", RFC 1851, September 1995.

   [R1866]  Berners-Lee, T., "Hypertext Markup Language--2.0", RFC 1866,
            November 1995.

   [R1885]  Conta, A. and S. Deering, "Internet Control Message Protocol
            (ICMPv6) for the Internet Protocol Version 6 (IPv6)
            Specification", RFC 1885, December 1995.

   [R1928]  Leech, M., Ganis, M., Lee, Y., Kuris, R., Koblas, D. and L.
            Jones, "SOCKS Protocol Version 5", RFC 1928, March 1996.

   [R1938]  Haller, N. and C. Metzion, "A One-Time Password System", RFC
            1938, May 1996.

   [R1939]  Myers, J. and M. Rose, "Post Office Protocol - Version 3",
            STD 53, RFC 1939, May 1996.

   [R1958]  Carpenter, B., ed., "Architectural Principles of the
            Internet", RFC 1958, June 1996.

   [R1983]  Malkin, G., ed., "Internet Users' Glossary", FYI 18, RFC
            1983, August 1996.

   [R1994]  Simpson, W. "PPP Challenge Handshake Authentication Protocol
            (CHAP)", RFC 1994, August 1996.

   [R2023]  Postel, J. and J. Reynolds, "Instructions to RFC Authors",
            RFC 2023, October 1997.

Top      Up      ToC       Page 206 
   [R2026]  Bradner, S., "The Internet Standards Process--Revision 3",
            BCP 9, RFC 2026, March 1994.

   [R2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
            Extensions (MIME) Part One: Format of Internet Message
            Bodies", RFC 2045, November 1996.

   [R2060]  Crispin, M., "Internet Message Access Protocol--Version 4
            Revision 1", RFC 2060, December 1996.

   [R2065]  Eastlake, D., 3rd, "Domain Name System Security Extensions",
            RFC 2065, January 1997.

   [R2078]  Linn, J., "Generic Security Service Application Program
            Interface, Version 2", RFC 2078, January 1997.

   [R2084]  Bossert, G., Cooper, S. and W. Drummond, "Considerations for
            Web Transaction Security", RFC 2084, January 1997.

   [R2104]  Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-
            Hashing for Message Authentication", RFC 2104, February

   [R2119]  Bradner, S., "Key Words for Use in RFCs To Indicate
            Requirement Levels", BCP 14, RFC 2119, March 1997.

   [R2138]  Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote
            Authentication Dial In User Service (RADIUS)", RFC 2138,
            April 1997.

   [R2137]  Eastlake, D., "Secure Domain Name System Dynamic Update",
            RFC 2137, April 1997.

   [R2179]  Gwinn, A., "Network Security For Trade Shows", RFC 2179,
            July 1997.

   [R2195]  Klensin, J., Catoe, R. and P. Krumviede, "IMAP/POP AUTHorize
            Extension for Simple Challenge/Response", RFC 2195, Sepember

   [R2196]  Fraser, B., "Site Security Handbook", FYI 8, RFC 2196,
            Sepember 1997.

   [R2202]  Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and HMAC-
            SHA-1", RFC 2202, Sepember 1997.

Top      Up      ToC       Page 207 
   [R2222]  Myers, J., "Simple Authentication and Security Layer
            (SASL)", RFC 2222, October 1997.

   [R2223]  Postel, J., "Instructions to RFC Authors", RFC 2223, October

   [R2246]  Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0",
            RFC 2246, January 1999.

   [R2284]  Blunk, L. and J. Vollbrecht, "PPP Extensible Authentication
            Protocol (EAP)", RFC 2284, March 1998.

   [R2315]  Kaliski, B., "PKCS #7: Cryptographic Message Syntax, Version
            1.5", RFC 2315, March 1998.

   [R2323]  Ramos, A., "IETF Identification and Security Guidelines",
            RFC 2323, 1 April 1998. [Intended for humorous entertainment
            ("please laugh loud and hard"); does not contain serious
            security information.]

   [R2350]  Brownlee, N. and E. Guttman, "Expectations for Computer
            Security Incident Response", RFC 2350, June 1998.

   [R2356]  Montenegro, C. and V. Gupta, "Sun's SKIP Firewall Traversal
            for Mobile IP", RFC 2356, June 1998.

   [R2373]  Hinden, R. and S. Deering, "IP Version 6 Addressing
            Architecture", RFC 2373, July 2998.

   [R2401]  Kent, S. and R. Atkinson, "Security Architecture for the
            Internet Protocol", RFC 2401, November 1998.

   [R2402]  Kent, S. and R. Atkinson, "IP Authentication Header", RFC
            2402, November 1998.

   [R2403]  Madson, C. and R. Glenn, "The Use of HMAC-MD5-96 within ESP
            and AH", RFC 2403, November 1998.

   [R2404]  Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within
            ESP and AH", RFC 2404, November 1998.

   [R2405]  Madson, C. and N. Doraswamy, "The ESP DES-CBC Cipher
            Algorithm With Explicit IV", RFC 2405, November 1998.

   [R2406]  Kent, S. and R. Atkinson, "IP Encapsulating Security Payload
            (ESP)", RFC 2406, November 1998.

Top      Up      ToC       Page 208 
   [R2407]  Piper, D., "The Internet IP Security Domain of
            Interpretation for ISAKMP", RFC 2407, November 1998.

   [R2408]  Maughan, D., Schertler, M., Schneider, M. and J. Turner,
            "Internet Security Association and Key Management Protocol
            (ISAKMP)", RFC 2408, November 1998.

   [R2409]  Harkins, D. and D. Carrel, "The Internet Key Exchange
            (IKE)", RFC 2409, November 1998.

   [R2410]  Glenn, R. and S. Kent, "The NULL Encryption Algorithm and
            Its Use With IPsec", RFC 2410, November 1998.

   [R2412]  Orman, H., "The OAKLEY Key Determination Protocol", RFC
            2412, November 1998.

   [R2451]  Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher
            Algorithms", RFC 2451, November 1998.

   [R2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
            (IPv6) Specification", RFC 2460, December 1998.

   [R2504]  Guttman, E., Leong, L. and G. Malkin, "Users' Security
            Handbook", RFC 2504, February 1999.

   [R2510]  Adams, C. and S. Farrell, "Internet X.509 Public Key
            Infrastructure Certificate Management Protocols", RFC 2510,
            March 1999.

   [R2527]  Chokhani, S. and W. Ford, "Internet X.509 Public Key
            Infrastructure, Certificate Policy and Certification
            Practices Framework", RFC 2527, March 1999.

   [R2536]  EastLake, D., "DSA KEYs and SIGs in the Domain Name System
            (DNS)", RFC 2536, March 1999.

   [R2570]  Case, J., Mundy, R., Partain, D. and B. Stewart,
            "Introduction to Version 3 of the Internet-Standard Network
            Management Framework", RFC 2570, April 1999.

   [R2574]  Blumenthal, U. and B. Wijnen, "User-based Security Model
            (USM) for Version 3 of the Simple Network Management
            Protocol (SNMPv3)", RFC 2574, April 1999.

   [R2612]  Adams, C. and J. Gilchrist, "The CAST-256 Encryption
            Algorithm", RFC 2612, June 1999.

Top      Up      ToC       Page 209 
   [R2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter,
            L., Leach, P. and T. Berners-Lee, "Hypertext Transfer
            Protocol-- HTTP/1.1", RFC 2616, June 1999.

   [R2628]  Smyslov, V., "Simple Cryptographic Program Interface", RFC
            2628, June 1999.

   [R2630]  Housley, R., "Cryptographic Message Syntax", RFC 2630, June

   [R2631]  Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC
            2631, June 1999.

   [R2633]  Ramsdell, B., ed., "S/MIME Version 3 Message Specification",
            RFC 2633, June 1999.

   [R2634]  Hoffman, P., ed., "Enhanced Security Services for S/MIME",
            RFC 2634, June 1999.

   [R2635]  Hambridge, S. and A. Lunde, "Don't Spew: A Set of Guidelines
            for Mass Unsolicited Mailings and Postings", RFC 2635, June

   [Raym]   E. S. Raymond, ed., "The On-Line Hacker Jargon File", ver.
            4.0.0, 24 Jul 1996. (Also available as "The New Hacker's
            Dictionary", 2nd edition, MIT Press, Sep 1993, ISBN 0-262-
            18154-1. See: for the latest

   [Russ]   D. Russell and G. T. Gangemi Sr., Chapter 10 ("TEMPEST") in
            "Computer Security Basics", ISBN 0-937175-71-4, 1991.

   [Schn]   B. Schneier, "Applied Cryptography", John Wiley & Sons,
            Inc., New York, 1994.

   [SDNS3]  U.S. Department of Defense, National Security Agency,
            "Secure Data Network Systems, Security Protocol 3 (SP3)",
            document SDN.301, Revision 1.5, 15 May 1989.

   [SDNS4]  ---, ---, "Security Protocol 4 (SP4)", document SDN.401,
            Revision 1.2, 12 Jul 1988.

   [SDNS7]  ---, ---, "Secure data Network System, Message Security
            Protocol (MSP)", document SDN.701, Revision 4.0, 7 Jun 1996,
            with Corrections to Message Security Protocol, SDN.701, Rev
            4.0", 96-06-07, 30 Aug, 1996.

Top      Up      ToC       Page 210 
   [SET1]   MasterCard and Visa, "SET Secure Electronic Transaction
            Specification, Book 1: Business Description", ver. 1.0, 31
            May 1997.

   [SET2]   ---, "SET Secure Electronic Transaction Specification, Book
            2: Programmer's Guide", ver. 1.0, 31 May 1997.

   [Stei]   J. Steiner, C. Neuman, and J. Schiller, "Kerberos: An
            Authentication Service for Open Network Systems" in "Usenix
            Conference Proceedings", Feb 1988.

   [X400]   International Telecommunications Union--Telecommunication
            Standardization Sector (formerly "CCITT"), Recommendation
            X.400, "Message Handling Services: Message Handling System
            and Service Overview".

   [X500]   ---, Recommendation X.500, "Information Technology--Open
            Systems Interconnection--The Directory: Overview of
            Concepts, Models, and Services". (Equivalent to ISO 9594-1.)

   [X501]   ---, Recommendation X.501, "Information Technology--Open
            Systems Interconnection--The Directory: Models".

   [X509]   ---, Recommendation X.509, "Information Technology--Open
            Systems Interconnection--The Directory: Authentication
            Framework". (Equivalent to ISO 9594-8.)

   [X519]   ---, Recommendation X.519, "Information Technology--Open
            Systems Interconnection--The Directory: Protocol

   [X520]   ---, Recommendation X.520, "Information Technology--Open
            Systems Interconnection--The Directory: Selected Attribute

   [X680]   ---, Recommendation X.680, "Information Technology--Abstract
            Syntax Notation One (ASN.1)--Specification of Basic
            Notation", 15 Nov 1994. (Equivalent to ISO/IEC 8824-1.)

   [X690]   ---, Recommendation X.690, "Information Technology--ASN.1
            Encoding Rules--Specification of Basic Encoding Rules (BER),
            Canonical Encoding Rules (CER) and Distinguished Encoding
            Rules (DER)", 15 Nov 1994. (Equivalent to ISO/IEC 8825-1.)

Top      Up      ToC       Page 211 
5. Security Considerations

   This document only defines security terms and recommends how to use
   them. It does not describe in detail the vulnerabilities of, threats
   to, or mechanisms that protect specific Internet protocols.

6. Acknowledgments

   Pat Cain, Mike Kong, and Charles Lynn provided meticulous comments on
   an early draft.

7. Author's Address

   Please address all comments to:

   Robert W. Shirey                   GTE / BBN Technologies
   EMail:             Suite 1200, Mail Stop 30/12B2
   Phone: +1 (703) 284-4641           1300 Seventeenth Street North
   Fax:   +1 (703) 284-2766           Arlington, VA  22209-3801 USA

Top      Up      ToC       Page 212 
8. Full Copyright Statement

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an


   Funding for the RFC Editor function is currently provided by the
   Internet Society.