USOO7987274B2
`
`(12) United States Patent
`(10) Patent No.:
`US 7,987,274 B2
`
`Larson et al.
`(45) Date of Patent:
`*Jul. 26, 2011
`
`(54) METHOD FOR ESTABLISHING SECURE
`COMMUNICATION LINK BETWEEN
`COMPUTERS OF VIRTUAL PRIVATE
`NETWORK
`
`........................................ 709/227, 709/228
`(52) US. Cl.
`(58) Field of Classification Search .......... 709/2257229,
`709/245; 726/15
`See application file for complete search history.
`
`(75)
`
`Inventors: Victor Larson, Fairfax, VA (US);
`Robert Dunham Short, III, Leesburg,
`VA (US); Edmund Colby Munger,
`Crownsville, MD (US); Michael
`Williamson, South Riding, VA (US)
`
`(73) Assignee: Virnetx, Incorporated, Scotts Valley,
`CA (US)
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`2,895,502 A
`4,920,484 A
`4,933,846 A
`
`7/1959 Roper et al.
`4/1990 Ranade
`6/1990 Humphrey et al.
`(Continued)
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 15 days.
`
`DE
`
`This patent is subject to a terminal dis-
`claimer.
`
`FOREIGN PATENT DOCUMENTS
`19924575
`12/1999
`
`(Continued)
`
`OTHER PUBLICATIONS
`
`(21) Appl.No.: 11/839,9s7
`
`(22)
`
`Filed:
`
`Aug. 16, 2007
`
`(65)
`
`Prior Publication Data
`
`US 2008/0216168 A1
`
`Sep. 4, 2008
`
`Related US. Application Data
`
`(60) Continuation of application No. 11/679,416, filed on
`Feb. 27, 2007, which is a continuation of application
`No. 10/702,486, filed on Nov. 7, 2003, now Pat. No.
`7,188,180, which is a division of application No.
`09/558,209, filed on Apr. 26, 2000, now abandoned,
`which is a continuation-in—part of application No.
`09/504,783, filed on Feb. 15, 2000, now Pat. No.
`6,502,135, which is
`a
`continuation-in—part of
`application No. 09/429,643, filed on Oct. 29, 1999,
`now Pat. No. 7,010,604.
`
`(60) Provisional application No. 60/106,261, filed on Oct.
`30, 1998, provisional application No. 60/ 137,704,
`filed on Jun. 7, 1999.
`
`(51)
`
`Int. Cl.
`G06F 15/1 73
`
`(2006.01)
`
`U.S.App1. No. 60/134,547, filed May 17, 1999, Victor Sheymov.
`
`(Continued)
`
`Primary Examiner 7 Krisna Lim
`(74) Attorney, Agent, or Firm iMcDermott Will Emery
`LLP
`
`(57)
`
`ABSTRACT
`
`A technique is disclosed for establishing a secure communi-
`cation link between a first computer and a second computer
`over a computer network. Initially, a secure communication
`mode ofcommunication is enabled at a first computer without
`a user entering any cryptographic information for establish-
`ing the secure communication mode of communication.
`Then, a secure communication link is established between the
`first computer and a second computer over a computer net-
`work based on the enabled secure communication mode of
`communication. The secure communication link is a virtual
`
`private network communication link over the computer net-
`work in which one or more data values that vary according to
`a pseudo-random sequence are inserted into each data packet.
`
`18 Claims, 40 Drawing Sheets
`
`2701
`
`ACCESSTO
`SECURE SITE
`REQUESTED?
`
`
`PASS THRU
`REQUESTTO
`DNS SERVER
`
`REC
`DNS REQUEST
`
`I
`
`FORTARGETSITE
`
`
`
`
`
`USER
`AUTHORIZED T0
`CONNECT7
`
` 2106
`
`ESTABLISH
`VPNWIIH
`TARGET SITE
`
`Petitioner Apple Inc. - Exhibit 1027, p. 1
`
`Petitioner Apple Inc. - Exhibit 1027, p. 1
`
`

`

`US 7,987,274 B2
`
`Page2
`
`U.S. PATENT DOCUMENTS
`.
`18188: figget 31
`8,888,888 2
`1/1994 BoebeIt etal.
`5,276,735 A
`4/1994 B
`5303 302 A
`5/1994 C3385
`5,311,593 A
`7/1994 Walsh etal.
`5,329,521 A
`8/1994 Barney etal.
`5341426 A
`“/1994 Ch
`31
`5,367,643 A
`“1995 K.1:mgh‘?t
`~
`5,384,848 A
`4996 A831“
`5,511,122 A
`9/1996 W895”
`5,559,883 A
`1
`10/1996 L1 ”1mg
`55615669 A
`”/1996 Aem‘eyet”
`5,588,060 A
`”/1996 1(le
`1
`5,590,285 A
`4/1997 Uaulifeta~
`56255626 A
`5/1997 Mills/lag:
`56295984 A
`8/1997 Olnowich etal.
`5,654,695 A
`10/1997 Nak
`5682 480 A
`“/1997 N agawa
`56895566 A
`4998 1388828211
`5,740,375 A
`6/1998 Edelstein etal.
`5,764,906 A
`88888 84“???th
`5,774,883 2
`7/1998 [$1818 6 3'
`5787172 A
`8/1998 Sistanizadeh etal.
`5,790,548 A
`8/1998 Egbensen
`5796942 A
`9/1998 Holloway etal.
`5,805,801 A
`9/1998 Birrelletal
`5 805 803 A
`10/1998 Caronnietél
`5,822,434 A
`11/1998 Hughes etal.
`5,842,040 A
`12/1998 D
`1
`5 845091 A
`“1999 singed”
`58645666 A
`5867560 A mg” of er
`5,870,680 A
`2/1999 135‘ij
`1
`5,878,231 A
`”999 Bey}:
`5,892,903 A
`4999 Kasai
`5,898,830 A
`4/1999 Wesinger, Jr. et al.
`5,905,859 A
`5/1999 Holloway et al.
`5918018 A
`@999 G d
`1
`5,918,019 A
`@999 Vfign‘gfimeta'
`5,950,195 A
`9/1999 Stockwelletal.
`5,996,016 A
`11/1999 Thalheimeretal.
`6006259 A
`12/1999 Adelman etal
`6:006:272 A
`”/1999 Amvmudanetal.
`6016318 A
`“2000 T
`.k
`6,016,512 A
`“2000 H01?“ 6
`6,041,342 A
`”000 Yfizgfchi
`6,052,788 A
`4/2000 Wesingeretal.
`6,055,574 A
`4/2000 Smorodinskyetal.
`6,061,346 A
`5/2000 Noidnian ...................... 370/352
`6,061,736 A
`5/2000 Rochberger et al.
`6079020 A
`6/2000 Liu
`6,081,900 A
`6/2000 Subramaniam etal.
`6,092,200 A
`79000 Mumyappaetal'
`85188888 2
`88888 ilfinggdeh etal
`6,119,234 A
`”000 A. 3:31
`'1
`6,147,976 A
`“/2000 Sill:
`615797 A
`”/2000 B :81 38¢
`65158108118
`12/2000 Ci
`31:1
`6,168,409 B1
`“2001 F 6“ 3'
`6,173,399 B1
`1/2001 Gfigrech
`6’175’867 B1
`1,2001 Taghadoss
`6’178’409 B1
`1,2001 Weberetal.
`6,178,505 B1
`1/2001 Schneideretal.
`6,179,102 B1
`“2001 Weberetal.
`6,199,112 B1
`3/2001 Wilson
`6,202,081 B1
`3/2001 Naudus ......................... 709/200
`6,222,842 B1
`4/2001 Sasyan etal.
`6,223,287 B1
`4/2001 Douglas etal.
`6,226,748 B1
`5/2001 Bots et al.
`6,226,751 B1
`5/2001 Arrowetal.
`6,233,618 B1
`5/2001 Shannon
`6,243,360 B1
`6/2001 Basilico
`6,243,749 B1
`6/2001 Sitaraman etal.
`6,243,754 B1
`6/2001 Guerin etal.
`6,246,670 B1
`6/2001 Karlsson etal.
`6,256,671 B1
`7/2001 Strentzsch etal.
`
`7/2001 Mogul
`6,262,987 B1
`7/2001 Blumenau
`6,263,445 B1
`9/2001 Ramanathan etal.
`6,286,047 B1
`10/2001 Mann etal'
`6’298’341 B1
`10/2001 Hrastaretal.
`6,301,223 B1
`10/2001 Valencia
`6,308,213 B1
`1
`t
`888863,; E 18,3881 idwlfid 11
`e 3'
`’
`’
`‘gh 0
`6,314,463 B1
`11/2001 Abbottetal.
`6,324,161 B1
`11/2001 Kirch
`6,330,562 B1
`12/2001 Bodenetal.
`6,332,158 B1
`12/2001 Risleyetal.
`6,333,272 B1
`12/2001 McMillinetal.
`6,338,082 B1
`1/2002 Schneider
`6,353,614 B1
`3/2002 Borellaetal.
`6,425,003 B1
`7/2002 Herzogetal.
`6,430,155 B1
`8/2002 Davieetal.
`6’430’610 B1
`”002 carter-
`6,487,598 B1
`11/2002 Valencia
`6,502,135 B1
`12/2002 Mungeretal.
`6,505,232 B1
`1/2003 Mighdolletal.
`8241,3882 3 $88; X1181: 58:11
`6,557,037 B1
`4/2003 Provino ........................ 709/227
`6,571,296 B1
`5/2003 Dillon
`6’571’338 B1
`”003 Shaw “1'
`6,581,166 B1
`6/2003 lestetal.
`88833851; 3:
`3,388; Blew“ etali
`’
`’
`“Hg-met”
`6,671,702 B2
`12/2003 Krugllkovetal.
`6’687’551 B2
`”004 Stemdl
`6,687,746 B1
`2/2004 Shuster et al.
`6,701,437 B1
`3/2004 Hokeetal.
`6,714,970 B1
`3/2004 Fiveashetal.
`6,717,949 B1
`4/2004 Bodenetal.
`6,751,738 B2
`6/2004 Wesinger, Jr. etal.
`6,752,166 B2
`6/2004 Lulletal.
`8388388 31
`8,388: £38812: 31'
`’
`’
`q
`6,826,616 B2
`11/2004 Larsonetal.
`6,839,759 B2
`1/2005 Larsonetal.
`33838347, 3
`$882 fioseflberg e11 31'
`’
`’
`ungereta'
`7,039,713 B1
`5/2006 Van Gunter et al.
`7,072,964 B1
`7/2006 Whlttleetal.
`7,133,930 B2
`11/2006 Mungeretal.
`7,167,904 B1
`1/2007 Devarajanetal.
`7,188,175 B1
`3/2007 McKeeth
`1
`383882 3%
`3,388; 88““ et 31'
`7’353’841 B2
`4,2008 Koiané‘gleta'
`7’461’334 B1
`12,2008 Lu em '
`’
`’
`'
`7,490,151 B2
`2/2009 Mungeretal.
`2001330235478? 8%
`13,388? 381111683;
`'
`2002/0004898 A1
`1/2002 D182?
`2003/0196122 A1
`10/2003 Wesinger, Jr. et al.
`2004/0199493 A1
`10/2004 Ruiz etal.
`2004/0199520 A1
`10/2004 Ruizetal.
`2004/0199608 A1
`10/2004 Rechterman etal.
`2004/0199620 A1
`10/2004 Ruizetal.
`2005/0055306 A1
`3/2005 Milleretal.
`2006/0059337 A1
`3/2006 Poyhonen etal.
`2007/0208869 A1
`9/2007 Adelnian etal.
`2007/0214284 A1
`9/2007 King etal.
`2007/0266141 A1
`“/2007 N080“
`2008/0235507 A1
`9/2008 Ishikawa etal.
`
`EP
`EP
`EP
`EP
`GB
`GB
`GB
`JP
`JP
`JP
`
`FOREIGN PATENT DOCUMENTS
`0838930
`4/1988
`0814589
`12/1997
`836306
`4/1998
`0858189
`8/1998
`2317792
`4/1998
`2334181
`8/1999
`2340702
`2/2000
`62-214744
`9/1987
`04-363941
`12/1992
`09-018492
`1/1997
`
`Petitioner Apple Inc. - Exhibit 1027, p. 2
`
`Petitioner Apple Inc. - Exhibit 1027, p. 2
`
`

`

`US 7,987,274 B2
`
`Page 3
`
`JP
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`W0
`W0
`W0
`WO
`
`10-070531
`WO98/27783
`WO9843396
`WO9855930
`WO9859470
`WO99/11019
`WO9938081
`WO9948303
`WO 00/17775
`WO 00/70458
`WO 01/16766
`W00150688
`
`3/1998
`6/1998
`10/1998
`12/1998
`12/1998
`3/1999
`7/1999
`9/1999
`3/2000
`11/2000
`3/2001
`7/2001
`
`OTHER PUBLICATIONS
`
`U.S. Appl. No. 60/151,563, filed Aug. 31, 1999, Bryan Whittles.
`U.S. Appl. No. 09/399,753, filed Sep. 22, 1998, Graig Miller et al.
`Microsoft Corporation’s Fourth Amended Invalidity Contentions
`dated Jan. 5, 2009, VzrnetX Inc. and Science Applications Interna—
`tional Corp. V. Microsoft Corporation.
`Appendix A of the Microsoft Corporation’s Fourth Amended Inval-
`idity Contentions dated Jan. 5, 2009.
`Concordance Table For the References Cited in Tables on pp. 6-15,
`71-80 and 116-124 of the Microsoft Corporation’s Fourth Amended
`Invalidity Contentions dated Jan. 5, 2009.
`1. P Mockapetris, “DNS Encoding of Network Names and Other
`Types,” NetworkWorking Group, RFC 1101 (Apr. 1989) (RFCl 101,
`DNS SRV).
`DNS-related correspondence dated Sep. 7, 1993 to Sep. 20, 1993.
`(Pre KX, KX Records).
`R Atkinson, “An Internetwork Authentication Architecture,” Naval
`Research Laboratory, Center for High Assurance Computing Sys-
`tems (Aug. 5, 1993), (Atkinson NRL, KX Records).
`Henning Schulzrinne, Personal Mobility For Multimedia Services In
`The Internet, Proceedings of the Interactive Distributed Multimedia
`Systems
`and Services European Workshop at
`143
`(1996).
`(Schulzrinne 96).
`Microsoft Corp , Microsoft Virtual Private Networking: Using Point—
`to—Point Tunneling Protocol for Low—Cost, Secure, Remote Access
`Across the Internet (1996) (printed from 1998 PDC DVD-ROM).
`(Point to Point, Microsoft Prior Art VPN Technology).
`“Safe Surfing: How to Build a Secure World Wide Web Connection,”
`IBM Technical Support Organization, (Mar. 1996). (Safe Surfing,
`Website Art).
`, “Hiding Routing Information,” Workshop on
`Goldschlag, et al
`Information Hiding, Cambridge, UK (May 1996). (Goldschlag II,
`Onion Routing).
`“IPSec Minutes From Montreal”, IPSEC Working Group Meeting
`Notes, http://www sandleman ca/ipsec/1996/03/msg00018 html
`(Jun. 1996) (IPSec Minutes, FreeS/WAN).
`J M Galvin, “Public Key Distribution with Secure DNS,” Proceed-
`ings of the Sixth USENIX UNIX Security Symposium, San Jose,
`California, Jul. 1996. (Galvin, DNSSEC).
`J Gilmore, et al “Re: Key Management, anyone? (DNS Keying),”
`IPSec Working Group Mailing List Archives (Aug. 1996). (Gilmore
`DNS, FreeS/WAN).
`H. Orman, et al. “Re: ’Re: DNS? was Re: Key Management, any-
`one?” IETF IPSec Working Group Mailing List Archive (Aug. 1996-
`Sep. 1996). (Orman DNS, FreeS/WAN).
`Arnt Gulbrandsen & Paul Vixie, A DNSRRfor specifying the location
`ofservices (DNS SRV), IETF RFC 2052 (Oct. 1996). (RFC 2052,
`DNS SRV).
`Freier, et al “The SSL Protocol Version 3.0,” Transport Layer Secu-
`rity Working Group (Nov. 18, 1996). (SSL, Underlying Security
`Technology).
`M. Handley, H Schulzrinne, E Schooler, Internet Engineering Task
`Force, Internet Draft, (Dec. 2, 1996) (RFC 2543 Internet Draft 1).
`M G Reed, et a1 “Proxies for Anonymous Routing,” 12th Annual
`Computer Security Applications Conference, San Diego, CA, Dec.
`9-13, 1996. (Reed, Onion Routing).
`Kenneth F Alden & Edward P. Wobber, TheAlta Vista Tunnel: Using
`theInternet to Extend Corporate Networks, Digital Technical Journal
`(1997) (Alden, AltaVista.
`
`
`
`Automative Industry Action Group, “ANX Release 1 Document Pub-
`lication,” AIAG (1997). (AIAG, ANX).
`Automative Industry Action Group, “ANX Release 1 Draft Docu-
`ment Publication,” AIAG Publications (1997).
`(AIAG Release,
`ANX).
`Aventail Corp., “AutoSOCKS v 2.1 Datasheet,” available at http://
`www.archive.org/web/19970212013409/www.aventail.com/prod/
`autosk2ds.html (1997). (AutoSOCKS, Aventail).
`Aventail Corp, “Aventail VPN Data Sheet,” available at http://www.
`archive.org/web/l9970212013043/www.aventail.com/prod/
`vpndata.html (1997) .(Data Sheet, Aventail).
`Aventail Corp , “Directed VPN Vs. Tunnel,” available at http://web.
`archive.org/web/l9970620030312/www.aventail.com/educate/
`directvpn.html (1997). (Directed VPN, Aventail).
`Aventail Corp , “Managing Corporate Access to the Internet,”
`Aventail AutoSOCKS White Paper available at http://web.archive.
`org/web/ 19970620030312/www.aventail.com/educate/whitepaper/
`ipmwp.html (1997). (Corporate Access, Aventail).
`Aventail Corp., “Socks Version 5,” Aventail Whitepaper, available at
`http://web.archive.org/web/19970620030312/www.aventail.com/
`educate/whitepaper/sockswp html (1997) (Socks, Aventail).
`Aventail Corp., “VPN Server V2.0 Administration Guide,” (1997)
`(VPN, Aventail).
`Goldschlag, et a1 “Privacy on the Internet,” Naval Research Labora-
`tory, Center
`for High Assurance Computer Systems
`(1997).
`(Goldschlag I, Onion Routing).
`VIicrosoft Corp , Installing Configuring and Using PPTP with
`Microsoft Clients and Servers (1997). (Using PPTP, Microsoft Prior
`Art VPN Technology).
`VIicrosoft Corp., IP Securityfor Microsoft Windows NT Server 5.0
`(1997) (printed from 1998 PDC DVD-ROM). (IP Security, Microsoft
`Prior Art VPN Technology).
`VIicrosoft Corp , Microsoft Windows NTActive Directory: An Intro—
`duction to the Next Generation Directory Services (1997) (printed
`from 1998 PDC DVD-ROM) (Directory, Microsoft Prior Art VPN
`Technology).
`VIicrosoft Corp , Routing andRemoteAccess Servicefor Windows NT
`Server NewOpportunities Today and Looking Ahead (1997) (printed
`from 1998 PDC DVD-ROM).(Routing, Microsoft Prior Art VPN
`Technology).
`VIicrosoft Corp. , Understanding Point—to—Point Tunneling Protocol
`PPTP (1997) (printed from 1998 PDC DVD-ROM). (Understanding
`PPTP, Microsoft Prior Art VPN Technology).
`J Mark Smith et a1 , Protecting a Private Network: The Alta Vista
`Firewall, Digital Technical Journal (1997). (Smith, AltaVista).
`Naganand Doraswamy Implementation of Virtual Private Networks
`(VPNs) with IPSecurity, <draft-ietf-ipsec-vpn-00.txt> (Mar. 12,
`1997). (Doraswamy).
`M. Handley, H. Schulzrinne, E Schooler, Internet Engineering Task
`Force, Internet Draft, (Mar. 27, 1997) (RFC 2543 Internet Draft 2).
`Aventail Corp., “Aventail and Cybersafe to Provide Secure Authen-
`tication For Internet and Intranet Communication,” Press Release,
`Apr. 3, 1997. (Secure Authentication, Aventail).
`D Wagner, et al. “Analysis of the SSL 3.0 Protocol,” (Apr. 15, 1997)
`(Analysis, Underlying Security Technologies).
`Automotive Industry Action Group, “ANXO Certification Authority
`Service and Directory Service Definition for ANX Release 1,” AIAG
`Telecommunications Project Team and Bellcore (May 9, 1997).
`(AIAG Defintion, ANX).
`Automotive Industry Action Group, “ANXO Certification Process
`and ANX Registration Process Definition for ANX Release 1,”AIAG
`Telecommunications Project Team and Bellcore (May 9, 1997).
`(AIAG Certification, ANX).
`Aventail Corp., “Aventail Announces the First VPN Solution to
`Assure Interoperability Across Emerging Security Protocols,” Jun. 2,
`1997, (First VPN, Aventail).
`Syverson, et al. “Private Web Browsing,” Naval Research Laboratory,
`Center for High 8 Assurance Computer Systems (Jun. 2, 1997).
`(Syverson, Onion Routing).
`Bellcore, “Metrics, Criteria, and Measurement Technique Require-
`ments for ANX Release 1,” AIAG Telecommunications Project Team
`and Bellcore (Jun. 16, 1997) (AIAG Requirements, ANX).
`
`Petitioner Apple Inc. - Exhibit 1027, p. 3
`
`Petitioner Apple Inc. - Exhibit 1027, p. 3
`
`

`

`US 7,987,274 B2
`
`Page 4
`
`M. Handley, H. Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jul. 31, 1997) (RFC 2543 Internet Draft 3).
`R. Atkinson, “Key Exchange Delegation Record for the DNS,” Net-
`work Working Group, RFC 2230 (Nov. 1997). (RFC 2230, KX
`Records).
`M. Handley, H Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Nov. 11, 1997). (RFC 2543 Internet Draft 4).
`1998 Microsoft Professional Developers Conference DVD (“1998
`PDC DVD-ROM”) (including screenshots captured therefrom and
`produced
`as MSFTVX 00018827-00018832).
`(Conference,
`Microsoft Prior Art VPN Technology).
`Microsoft Corp , Virtual Private Networking An Overview (1998)
`(printed from 1998 PDC DVD-ROM) (Overview, Microsoft PriorArt
`VPN Technology).
`Microsoft Corp., Windows NT 5.0 Beta Has Public Premiere at
`Seattle Mini—Camp Seminar attendees get first look at the perfor—
`mance and capabilities ofWindows NT 5 0 (1998) (available at hap //
`www.micro soft
`com/presspass/features/l998/10-19nt5.
`mspxpftrue).(NT Beta, Microsoft Prior Art VPN Technology).
`“What ports does SSL use” available at stason.org/TULARC/secu-
`rity/ssl-talld3-4-What-ports-does-ssl-use.htrnl (1998). (Ports, DNS
`SRV).
`Aventail Corp., “Aventail VPNV2.6 Includes Support for More Than
`Ten Authentication Methods Making Extranet VPN Development
`Secure and Simple,” Press Release, Jan. 19, 1998. (VPN V2.6,
`Aventail).
`R. G. Moskowitz, “Network Address Translation Issues with IPsec,”
`Internet Draft,
`Internet Engineering Task Force, Feb. 6, 1998.
`(Moskowitz).
`H. Schulzrinne, et al, “Internet Telephony Gateway Location,” Pro-
`ceedings of IEEE INfocom ’98, The Conference on Computer Com-
`munications, vol. 2 ( Mar. 29-Apr. 2, 1998). (Gateway, Schulzrinne).
`C. Huitema, 45 a1 “Simple Gateway Control Protocol,” Version 1 0
`(May 5, 1998) (SGCP).
`DISA “Secret Internet Protocol Router Network,” SIPRNET Pro-
`gram Management Office (D31 13) DISN Networks, DISN Transmis-
`sion Services (May 8, 1998). (DISA, SIPRNET).
`VI. Handley, H. Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (May 14, 1998) (RFC 2543 Internet Draft 5).
`VI. Handley, H. Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jun. 17, 1998) (RFC 2543 Internet Draft 6).
`D. McDonald, et al. “PFiKEY Key Management API, Version 2,”
`\Ietwork Working Group, RFC 2367 (Jul. 1998). (RFC 2367).
`VI Handley, H. Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jul. 16, 1998). (RFC 2543 Internet Draft 7).
`VI Handley, H. Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Aug. 7, 1998) (RFC 2543 Internet Draft 8).
`VIicrosoft Corp., Company Focuses on Quality and Customer Feed—
`back(Aug. 18, 1998). (Focus, Microsoft PriorArtVPN Technology).
`VI Handley, H Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Sep. 18, 1998). (RFC 2543 Internet Draft 9).
`Atkinson, et a1. “Security Architecture for the Internet Protocol,”
`\Ietwork Working Group, RFC 2401 (Nov. 1998). (RFC 2401,
`Underlying Security Technologies).
`VI. Handley, H Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Nov. 12, 1998) (RFC 2543 Internet Draft 10)
`9.
`Donald Eastlake, Domain Name System Security Extensions, IETF
`DNS Security Working Group (Dec. 1998). (DNSSEC-7).
`M Handley, H Schulzrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Dec. 15, 1998). (RFC 2543 Internet Draft 11).
`Aventail Corp., “Aventail Connect 3.1/2.6Administrator’s Guide,”
`(1999). (Aventail Administrator 3 1, Aventail).
`Aventail Corp., “Aventail Connect 3 1/2.6 User’s Guide,” (1999)
`(Aventail User 3.1, Aventail).
`Aventail Corp., “Aventail ExtraWeb Server v3 2 Administrator’s
`Guide,” (1999) (Aventail ExtraWeb 3 2, Aventail).
`Kaufman et al, “Implementing IPsec,” (Copyright 1999). (Imple-
`menting IPSEC, VPN References).
`Network Solutions,
`Inc. “Enabling SSL,” NSI Registry (1999).
`(Enabling SSL, Underlying Security Technologies).
`Check Point Software Technologies Ltd.
`(1999) (Check Point,
`Checkpoint FW).
`
`
`
`Arnt Gulbrandsen & PaulVixie, A DNSRRfor specifying the location
`of services (DNS SRV), <draft-ietf-dnsind-frc2052bis-02.txt> (Jan.
`1999). (Gulbrandsen 99, DNS SRV).
`C. Scott, et al. Virtual Private Networks, O’Reilly and Associates,
`Inc, 2nd ed (Jan. 1999). (Scott VPNs).
`M. Handley, H. Schulzrinne, E Schooler, Internet Engineering Task
`Force, Internet Draft, (Jan. 15, 1999) (RFC 2543 Internet Draft 12).
`Goldschlag, et al
`, “Onion Routing for Anonymous and Private
`Internet Connections,” Naval Research Laboratory, Center for High
`Assurance Computer Systems (Jan. 28, 1999). (Goldschlag III,
`Onion Routing).
`H. Schulzrinne, “Internet Telephony: architecture and protocolsian
`IETF perspective,” Computer Networks, vol. 31, No. 3 (Feb. 1999).
`(Telephony, Schulzrinne).
`M. Handley, et al. “SIP: Session Initiation Protocol,” Network Work-
`ing Group, RFC 2543 and Internet Drafts (Dec. 1996-Mar. 1999).
`(Handley, RFC 2543).
`FreeS/WAN Project, LinuxFreeS/WAN Compatibility Guide (Mar. 4,
`1999) (FreeS/WAN Compatibility Guide, FreeS/WAN).
`Telcordia Technologies, “ANX Release 1 Document Corrections,”
`AIAG (May 11, 1999). (Telcordia, ANX).
`Ken Hornstein & Jeffrey Altman, Distributing Kerberos KDC and
`Realm Information with DNS <draft-eitf-cat-krb-dns-locate-oo.txt>
`(Jun. 21, 1999). (Hornstein, DNS SRV).
`Bhattacharya et. al. “An LDAP Schema for Configuration and
`Administration of IPSec Based Virtual Private Networks (VPNs)”,
`IETF Internet Draft (Oct. 1999) (Bhattcharya LDAP VPN).
`B. Patel, et al “DHCP Configuration of IPSEC Tunnel Mode,” IPSEC
`Working Group, Internet Draft 02 (Oct. 15, 1999). (Patel).
`Goncalves, et al. Check Point FireWall —1 Administration Guide,
`McGraw-Hill Companies (2000). (Goncalves, Checkpoint FW).
`“Building a Microsoft VPN: A Comprehensive Collection of
`Microsoft Resources,” FirstVPN, (Jan. 2000). (FirstVPN Microsoft).
`Gulbrandsen, Vixie, & Esibov, A DNS RRfor specifying the location
`ofservices (DNS SRV), IETF RFC 2782 (Feb. 2000). (RFC 2782,
`>
`DNS SRV).
`MITRE Organization,
`“Technical Description,’ Collaborative
`Operations in Joint Expeditionary Force Experiment (JEFX) 99 (Feb.
`2000). (MITRE, SIPRNET).
`H. Schulzrinne, et al. “Application-Layer Mobility Using SIP,”
`Mobile Computing and Communications Review, vol. 4, No. 3. pp.
`47-57 (Jul. 2000). (Application, SIP).
`Kindred et al, “Dynamic VPN Communities: Implementation and
`Experience,” DARPA Information Survivability Conference and
`Exposition II (Jun. 2001). (DARPA, VPN Systems).
`ANX 101: Basic ANX Service Outline. (Outline, ANX).
`ANX 201: Advanced ANX Service. (Advanced, ANX).
`Appendix A: Certificate Profile for ANX IPsec Certificates. (Appen-
`dix, ANX).
`Assured Digital Products. (Assured Digital).
`Aventail Corp., “Aventail AutoSOCKS the Client Key to Network
`Security,” Aventail Corporation White Paper. (Network Security,
`Aventail).
`Cindy Moran, “DISN Data Networks: Secret Internet Protocol
`Router Network (SIPRNet).” (Moran, SIPRNET).
`Data Fellows F-Secure VPN+ (F-Secure VPN+).
`Interim Operational Systems Doctrine for the Remote Access Secu-
`rity Program (RASP) Secret Dial-In Solution. (RASP, SIPRNET).
`Onion Routing, “Investigation ofRoute Selection Algorithms,” avail-
`able
`at
`http://www.onion-router.net/Archives/Route/index.html.
`(Route Selection, Onion Routing).
`Secure Computing, “Bullet-Proofing an Army Net,” Washington
`Technology (Secure, SIPRNET).
`Sparta “Dynamic Virtual Private Network” (Sparta, VPN Systems).
`Stande Operation Procedure for Using the 1910 Secure Modems.
`(Standard, SIPRNET).
`FreeS/WAN
`to
`relating
`emails
`Publically
`available
`(MSFTVX00018833 -MSFTVX0019206).
`(FreeS/WAN emails,
`FreeS/WAN).
`Kaufman et al., “Implementing lPsec,” (Copyright 1999) (Imple-
`menting IPsec).
`Network Associates Gauntlet Firewall For Unix User’s Guide Ver—
`sion 5.0 (1999). (Gauntlet User’s GuideiUnix, Firewall Products).
`
`Petitioner Apple Inc. - Exhibit 1027, p. 4
`
`Petitioner Apple Inc. - Exhibit 1027, p. 4
`
`

`

`US 7,987,274 B2
`
`Page 5
`
`Network Associates Gauntlet Firewall For Windows NT Getting
`Started Guide Version 5.0 (1999) (Gauntlet Getting Started Guidei
`NT, Firewall Products).
`Network Associates Gauntlet Firewall For Unix Getting Started
`Guide Version 5.0 (1999) (Gauntlet Unix Getting Started Guide,
`Firewall Products).
`Network Associates Release Notes Gauntlet Firewall for Unix 5.0
`(Mar. 19, 1999) (Gauntlet Unix Release Notes, Firewall Products).
`NetworkAssociates Gauntlet Firewall For Windows NTAdministra—
`tor ’s Guide Version 5. 0 (1999) (Gauntlet NT Administrator’ s Guide,
`Firewall Products).
`Internet Firewall
`Inc Gauntlet
`Trusted Information Systems,
`Firewall—to—Firewall Encryption Guide Version 3.1 (1996) (Gauntlet
`Firewall-to-Firewall, Firewall Products).
`Network Associates Gauntlet Firewall Global Virtual Private Net—
`work User ’s Guidefor Windows NT Version 5. 0 (1999) (Gauntlet NT
`GVPN, GVPN).
`Network Associates Gauntlet Firewall For UNIX Global Virtual Pri—
`vate Network User’s Guide Version 5. 0 (1999) (Gauntlet Unix
`GVPN, GVPN).
`Dan Sterne Dynamic Virtual Private Networks (May 23, 2000)
`(Sterne DVPN, DVPN).
`Darrell Kindred Dynamic Virtual Private Networks (DVPN) (Dec.
`21, 1999) (Kindred DVPN, DVPN).
`Dan Sterne et.al. TIS Dynamic Security Perimeter Research Project
`Demonstration (Mar. 9, 1998)
`(Dynamic Security Perimeter,
`DVPN).
`Darrell Kindred Dynamic Virtual Private Networks Capability
`Description (Jan. 5, 2000) (Kindred DVPN Capability, DVPN) 11.
`Oct.
`7,
`and 28,
`1997 email
`from Domenic
`J. Turchi
`Jr
`(SPARTA00001712-1714,
`1808-1811)
`(Turchi DVPN email,
`DVPN).
`James Just & Dan Sterne Security Quickstart Task Update (Feb. 5,
`1997) (Security Quickstart, DVPN).
`Virtual Private Network Demonstration dated Mar. 21, 1998
`(SPARTA00001844-54) (DVPN Demonstration, DVPN).
`GTE Internetworking & BBN Technologies DARPA Information
`Assurance Program Integrated Feasibility Demonstration (IFD) 1.]
`Plan (Mar. 10, 1998) (IFD 1.1, DVPN).
`Microsoft Corp Windows NT Server Product Documentation:
`Administration Guide%onnection Point Services, available at
`http://www
`microsoft.com/technet/archive/winntas/proddocs/
`inetconctservice/cpsops.mspx
`(Connection
`Point
`Services)
`(Although undated, this reference refers to the operation of prior art
`versions of Microsoft Windows Accordingly, upon information and
`belief, this reference is prior art to the patents-insuit.).
`Microsoft Corp. Windows NT Server Product Documentation:
`Administration Kit GuideiConnection Manager, available at http://
`www.micro soft.com/technet/archive/winntas/proddocs/
`(Although
`inetconctservice/cmak mspx (Connection Manager)
`undated, this reference refers to the operation of prior art versions of
`Microsoft Windows such as Windows NT 4.0. Accordingly, upon
`information and belief, this reference is prior art to the patents-in-
`suit.).
`Microsoft Corp. Autodial Heuristics, available at http://support.
`microsoft.com/kb/ 164249 (Autodial Heuristics) (Although undated,
`this reference refers to the operation ofprior art versions of Microsoft
`Windows such as Windows NT 4 0. Accordingly, upon information
`and belief, this reference is prior art to the patents-in-suit.).
`Microsoft Corp., Cariplo: Distributed Component Object Model,
`(1996)
`available
`at
`http://msdn2.microsoft.com/en-us/library/
`ms809332(printer).aspx (Cariplo I).
`Marc Levy, COM Internet Services (Apr. 23, 1999), available at
`http://msdn2.microsoft.com/en-us/library/ms809302(printer).aspx
`(Levy).
`Markus Horstmann and Mary Kirtland, DCOM Architecture (Jul. 23,
`1997),
`available
`at
`http://msdn2.microsoft.com/en-us/library/
`ms80931 1(printer).aspx (Horstmann).
`Microsoft Corp., DCOM: A Business Overview (Apr. 1997), avail-
`able at http://msdn2.microsoft com/en-us/library/ms809320(printer)
`aspx (DCOM Business Overview I).
`
`
`
`VIicrosoft Corp., DCOM Technical Overview (Nov. 1996), available
`at http://msdn2 micro soft com/en-us/iibrary/ms809340(printer) aspx
`(DCOM Technical Overview I).
`VIicrosoft Corp., DCOM Architecture White Paper (1998) available
`in PDC DVD-ROM (DCOM Architecture).
`VIicrosoft Corp, DCOMiThe Distributed Component Object
`VIodel, A Business Overview White Paper (Microsoft 1997) avail-
`able in PDC DVD-ROM (DCOM Business Overview II).
`VIicrosoft Corp., DCOMiCariplo Home Banking Over The Internet
`White Paper (Microsoft 1996) available in PDC DVD-ROM (Cariplo
`II).
`VIicrosoft Corp., DCOM Solutions in Action White Paper (Microsoft
`1996) available in PDC DVD-ROM (DCOM Solutions in Action).
`VIicrosoft Corp., DCOM Technical Overview White Paper
`(Microsoft 1996) available 12 in PDC DVD-ROM (DCOM Technical
`Overview II).
`125. Scott Suhy & Glenn Wood, DNS and Microsoft Windows NT 4
`0,
`(1996) available at http://msdn2.microsoft.com/en-us/library/
`ms810277(printer).aspx (Suhy).
`126. Aaron Skonnard, Essential WinInet 313-423 (Addison Wesley
`Longman 1998) (Essential WinInet).
`Microsoft Corp Installing, Configuring, and Using PPTP with
`Microsoft Clients and Servers, (1998) available at http://msdn2.
`microsoft.com/enus/library/ms811078(printer).aspx (Using PPTP).
`Microsoft Corp., Internet Connection Services for MS RAS, Stan-
`dard Edition, http://www.microsoft.com/technet/archive/winntas/
`proddocs/inetconctservice/bcgstart mspx (Internet Connection Ser-
`vices I).
`Microsoft Corp., Internet Connection Services for RAS, Commercial
`Edition,
`available
`athttp://www microsoft.com/technet/archive/
`winntas/proddocs/inetconctservice/bcgstrtc.mspx (Internet Connec-
`tion Services II).
`Microsoft Corp., Internet Explorer 5 Corporate Deployment Guidei
`Appendix B:Enabling Connections with the Connection Manager
`Administration Kit, available at http://www.microsoft.com/technet/
`prodtechnol/
`ie/deploy/deploy5/appendb.mspx
`(IE5 Corporate
`Development).
`Mark Minasi, Mastering Windows NT Server 4 1359-1442 (6th ed ,
`Jan. 15, 1999)(Mastering Windows NT Server).
`Hands On, Self—Paced Trainingfor Supporting Version 4.0 371-473
`(Microsoft Press 1998) (Hands On).
`Microsoft Corp., MS Point-to-Point Tunneling Protocol (Windows
`NT 4.0), available at http://www.microsoft.com/technet/archive/
`winntas/maintain/featusability/pptpwp3.mspx (MS PPTP).
`Kenneth Gregg, et al., Microsoft Windows NTServerAdministrator ’s
`Bible 173 -206, 883 -911, 974-1076 (IDG Books Worldwide 1999)
`(Gregg)
`Microsoft Corp., Remote Access (Windows), available at http://
`msdn2 microsoft.com/en-us/library/bb545687(VS.85,printer).aspx
`(Remote Access).
`Microsoft Corp., Understanding PPTP (Windows NT 4.0), available
`at http://www.microsoft.com/technet/archive/winntas/plan/pptpudst
`mspx (Understanding PPTP NT 4) (Although undated, this reference
`refers to the operation of prior art versions of Microsoft Windows
`such as Windows NT 4.0 Accordingly, upon information and belief,
`this reference is prior art to the patents-in-suit.).
`Microsoft Corp , Windows NT 4.0: Virtual Private Networking, avail-
`able at http://www.microsoft.com/technet/archive/winntas/ deploy/
`confeat/vpntwk mspx (NT4 VPN) (Although undated, this reference
`refers to the operation of prior art versions of Microsoft Windows
`such as Windows NT 4 0 Accordingly, upon information and belief,
`this reference is prior art to the patents-in-suit.).
`Anthony Northrup, NT Network Plumbing.‘ Routers, Proxies, and
`Web Services 299-399 (IDG Books Worldwide 1998) (Network
`Plumbing).
`Microsoft Corp., Chapter lilntroduction to Windows NT Routing
`with Routing and Remote Access Service, Available at http://www.
`micro soft. com/technet/archive/winntas/proddoc s/
`rras40/rrasch01 .
`mspx (Intro to RRAS) (Although undated, this reference refers to the
`operation of prior art versions of Microsoft Windows such as Win-
`dows NT 4 0. Accordingly, upon information and belief, this refer-
`ence is prior art to the patents-in-suit.) 13.
`
`Petitioner Apple Inc. - Exhibit 1027, p. 5
`
`Petitioner Apple Inc. - Exhibit 1027, p. 5
`
`

`

`US 7,987,274 B2
`
`Page 6
`
`(May 1999)
`
`(FSECURE
`
`(from FSECURE
`
`Microsoft Corp., Windows NT Server Product Documentation:
`Chapter 57Planning for Large-Scale Configurations, available at
`http://www.microsoft.com/technet/archive/winntas/proddocs/
`rras40/rrasch05.mspx (Large-Scale Configurations)
`(Although
`undated, this reference refers to the operation of prior art versions of
`Microsoft Windows such as Windows NT 4 0 Accordingly, upon
`information and belief, this reference is prior art to the patents-in-
`suit.).
`F-Secure, F—Secure Evaluation Kit
`00000003) (Evaluation Kit 3).
`F-Secure, F—Secure NameSurfer (May 1999)
`00000003) (NameSurfer 3).
`F-Secure, F—Secure VPN Administrator ’s Guide (May 1999) (from
`FSECURE 00000003) (F-Secure VPN 3).
`F-Secure, F—Secure SSH User’s & Administrator’s Guide (May
`1999) (from FSECURE 00000003) (SSH Guide 3).
`F-Secure, F—Secure SSH2 0 for Windows NT and 95 (May 1999)
`(from FSECURE 00000003) (SSH 2.0 Guide 3).
`F-Secure, F—Secure VPN+ Administrator’s Guide (May 1999) (from
`FSECURE 00000003) (VPN+ Guide 3).
`F-Secure, F—Secure VPN+ 4.1 (1999) (from FSECURE 00000006)
`(VPN+ 4.1 Guide 6).
`F-Secure, F—Secure SSH(1996) (from FSECURE 00000006) (F-Se-
`cure SSH 6).
`F-Secure, F—Secure SSH 2.0for Windows NT and 95 (1998) (from
`FSECURE 00000006) (F-Secure SSH 2.0 Guide 6).
`F-Secure, F—Secure Evaluation Kit
`(Sep.
`1998)
`00000009) (Evaluation Kit 9).
`F-Secure, F—Secure SSH User’s & Administrator’s Guide (Sep.
`1998) (from FSECURE 00000009) (SSH Guide 9).
`F-Secure, F—Secure SSH 2.0for Windows NT and 95 (Sep. 1998)
`(from FSECURE 00000009) (F-Secure SSH 2.0 Guide 9).
`F-Secure, F—Secure VPN+ (Sep. 1998) (from FSECURE 00000009)
`(VPN+ Guide 9).
`F-Secure, F—Secure Management Tools, Administra