Web Server Management: Securing Access to Web Servers | ||
---|---|---|
Prev | Appendix A. References and further information |
RFCs. Many of the protocols and concepts mentioned in this course are described in RFCs. The University has a local copy of all RFCs at http://www-uxsup.csx.cam.ac.uk/pub/doc/rfc/ Relevant RFCs include
Post Office Protocol - Version 3
Internet Message Access Protocol - Version 4rev1 (IMAP)3
The TLS Protocol
Internet X.509 Public Key Infrastructure
Hypertext Transfer Protocol -- HTTP/1.1
The Secure HyperText Transfer Protocol (for HTTP over SSL)
Upgrading to TLS Within HTTP/1.1
HTTP Over TLS
PKCS series. The format of various files used to hold keys, certificate signing requests and the like, and some related algorithms, are defined in the PKCS series of documents published by RSALabs (the research arm of RSA Security). See http://www.rsasecurity.com/rsalabs/pkcs/index.html for links.
RSA Cryptography Standard 1
Diffie-Hellman Key Agreement Standard
Password-Based Cryptography Standard
Extended-Certificate Syntax Standard
Cryptographic Message Syntax Standard
Private-Key Information Syntax Standard
Selected Attribute Types
Certification Request Syntax Standard
Cryptographic Token Interface Standard
Personal Information Exchange Syntax Standard
Elliptic Curve Cryptography Standard
Cryptographic Token Information Format Standard
Other standards. SSL2: The SSL Protocol, Hickman, Kipp, Netscape Communications Corp., Feb 9, 1995
SSL3: The SSL 3.0 Protocol, A. Frier, P. Karlton, and P. Kocher, Netscape Communications Corp., Nov 18, 1996
X.509 certificates: ITU-T Recommendation X.509 (1997 E): Information Technology - Open Systems Interconnection - The Directory: Authentication Framework, June 1997.
ASN.1: CCITT Recommendation X.208: Specification of Abstract Syntax notation One. [see also A Layman's Guide to a Subset of ASN.1, BER, and DER, at ftp://ftp.rsasecurity.com/pub/pkcs/ascii/layman.asc (or .doc, .ps, .ps.gz)]