1. References

    [DH1] W. Diffie and M. E. Hellman, "New Directions in Cryptography," IEEE Transactions on Information Theory, V. IT-22, n. 6, Jun 1977, pp. 74-84.

    [3DES] W. Tuchman, "Hellman Presents No Shortcut Solutions To DES," IEEE Spectrum, v. 16, n. 7, July 1979, pp40-41.

    [DES] ANSI X3.106, "American National Standard for Information Systems-Data Link Encryption," American National Standards Institute, 1983.

    [DSS] NIST FIPS PUB 186, "Digital Signature Standard," National Institute of Standards and Technology, U.S. Department of Commerce, 18 May 1994.

    [FOR] NSA X22, Document # PD4002103-1.01, "Fortezza: Application Implementors Guide," April 6, 1995.

    [FTP] J. Postel and J. Reynolds, RFC 959: File Transfer Protocol, October 1985.

    [HTTP] T. Berners-Lee, R. Fielding, H. Frystyk, Hypertext Transfer Protocol -- HTTP/1.0, October, 1995.

    [IDEA] X. Lai, "On the Design and Security of Block Ciphers," ETH Series in Information Processing, v. 1, Konstanz: Hartung-Gorre Verlag, 1992.

    [KRAWCZYK] H. Krawczyk, IETF Draft: Keyed-MD5 for Message Authentication, November 1995.

    [MD2] R. Rivest. RFC 1319: The MD2 Message Digest Algorithm, April 1992.

    [MD5] R. Rivest. RFC 1321: The MD5 Message Digest Algorithm, April 1992.

    [PKCS1] RSA Laboratories, "PKCS #1: RSA Encryption Standard," version 1.5, November 1993.

    [PKCS6] RSA Laboratories, "PKCS #6: RSA Extended Certificate Syntax Standard," version 1.5, November 1993.

    [PKCS7] RSA Laboratories, "PKCS #7: RSA Cryptographic Message Syntax Standard," version 1.5, November 1993.

    [RSA] R. Rivest, A. Shamir, and L. M. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Communications of the ACM, v. 21, n. 2, Feb 1978, pp. 120-126.

    [RSADSI] Contact RSA Data Security, Inc., Tel: 415-595-8782

    [SCH] B. Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Published by John Wiley & Sons, Inc. 1994.

    [SHA] NIST FIPS PUB 180-1, "Secure Hash Standard," National Institute of Standards and Technology, U.S. Department of Commerce, DRAFT, 31 May 1994.

    [TCP] ISI for DARPA, RFC 793: Transport Control Protocol, September 1981.

    [TEL] J. Postel and J. Reynolds, RFC 854/5, May, 1993.

    [X509] CCITT. Recommendation X.509: "The Directory - Authentication Framework". 1988.

    [XDR] R. Srinivansan, Sun Microsystems, RFC-1832: XDR: External Data Representation Standard, August 1995.

  2. Authors

    Alan O. Freier
    Netscape Communications
    freier@netscape.com
    Paul C. Kocher
    Independent Consultant
    pck@netcom.com
    Philip L. Karlton
    Netscape Communications
    karlton@netscape.com

  3. Other contributors

    Martin Abadi
    Digital Equipment Corporation
    ma@pa.dec.com
    Robert Relyea
    Netscape Communications
    relyea@netscape.com
    Taher Elgamal
    Netscape Communications
    elgamal@netscape.com
    Jim Roskind
    Netscape Communications
    jar@netscape.com
    Anil Gangolli
    Netscape Communications
    gangolli@netscape.com
    Micheal J. Sabin, Ph. D.
    Consulting Engineer
    msabin@netcom.com
    Kipp E.B. Hickman
    Netscape Communications
    kipp@netscape.com
    Tom Weinstein
    Netscape Communications
    tomw@netscape.com

  4. Early reviewers

    Robert Baldwin
    RSA Data Security, Inc.
    baldwin@rsa.com
    Clyde Monma
    Bellcore
    clyde@bellcore.com
    George Cox
    Intel Corporation
    cox@ibeam.jf.intel.com
    Eric Murray
    ericm@lne.com
    Cheri Dowell
    Sun Microsystems
    cheri@eng.sun.com
    Avi Rubin
    Bellcore
    rubin@bellcore.com
    Stuart Haber
    Bellcore
    stuart@bellcore.com
    Don Stephenson
    Sun Microsystems
    don.stephenson@eng.sun.com
    Burt Kaliski
    RSA Data Security, Inc.
    burt@rsa.com
    Joe Tardo
    General Magic
    tardo@genmagic.com

    Send all written communication about this document to:

    Netscape Communications
    501 East Middlefield Rd.
    Mountain View, CA 94043
    Attn: Alan Freier

    Netscape Communications Corporation
    SSL Version 3.0 - March 1996