(12) United States Patent
`Larson et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 8,504,696 B2
`*Aug. 6, 2013
`
`US008504696B2
`
`(54) SYSTEM AND METHOD EMPLOYING AN
`AGILE NETWORK PROTOCOL FOR SECURE
`COMMUNICATIONS USING SECURE
`DOMAIN NAMES
`(75) Inventors: Victor Larson, Fairfax, VA (US);
`Robert Dunham Short, III, Leesburg,
`VA (US); Edmond Colby Munger,
`Crownsville, MD (US); Michael
`Williamson, South Riding, VA (US)
`(73) Assignee: VirnetX, Inc., Zephyr Cove, NV (US)
`( * ) Notice:
`Subject to any disclaimer, the term of this
`I??? 115522??? g; :djusted under 35
`
`'
`'
`'
`y
`y '
`This patent is subject to a terminal dis-
`Clalmer'
`(21) Appl. No.: 13/337,757
`
`(22) Flled:
`(65)
`
`Dec‘ 27’ 2011
`Prior Publication Data
`US 2012/0096541A1
`Apr. 19, 2012
`Related US. Application Data
`(63) Continuation of application No. 13/049,552, ?led on
`Mar. 16, 2011, which is a continuation of application
`No. 11/840,560, ?led onAug. 17, 2007, now Pat. No.
`7 921 211 which is a continuation of application No.
`’
`’
`’
`is: gilli'mlliiijggi’a noliwciiegl'l 52'
`0’9/55’8 21’0 ?led on A r 26 2000 no}? abandoned
`which ’is a’ continuatign'_in_’ an 0% a lication NO’
`09 / 50 4 783 ?led on Feb 1P5 2000 PEOW Pat NO'
`6 502 1’35 ’ which is
`a' céminua’tiomim ar't 0
`a’ lic’atiol’l NO 09/429 643 ?led on Oct 25 1999
`n13}; Pat NO 7 '010 60 4’
`’
`'
`’
`’
`'
`'
`’
`’
`'
`(60) Provisional application No. 60/106,261, ?led on Oct.
`30, 1998, provisional application No. 60/ 137,704,
`?led on Jun. 7, 1999.
`
`(51) Int. Cl.
`G06F 15/16
`
`(2006.01)
`
`(56)
`
`(52) US. Cl.
`USPC ........................................................ .. 709/227
`(58) Field of Classi?cation Search
`USPC ................................................ .. 709/223i227
`See application ?le for complete search history.
`.
`References Clted
`U S PATENT DOCUMENTS
`2 895 502 A' '
`7/l959 R
`t l
`4,677,434 A
`6/ 1987 Fascenda
`(Continued)
`FOREIGN PATENT DOCUMENTS
`
`,
`
`,
`
`Oper e a .
`
`DE
`EP
`
`12/1999
`19924575
`4/1988
`0838930
`(Continued)
`OTHER PUBLICATIONS
`
`U.S.App1. No. 09/399,753, ?led Sep. 22, 1998, Graig Miller et a1.
`(C t_
`d)
`on mue
`
`1;; rgmjy Examizer i Knife‘ LlmM D
`LLP
`
`llorney, gent, 0r lrm * C ermo
`
`n W11 & E
`
`1
`
`mery
`
`(57)
`
`ABSTRACT
`
`.
`.
`A system for connectmg a ?rst network devlce and a second
`network device includes one or more servers. The servers are
`con?gured to: (a) receive, from the ?rst network device, a
`request to look up a network address of the second network
`device based on an identi?er associated with the second net
`work device; (b) determine, in response to the request,
`whether the second network device is available for a secure
`communications service; and (c) initiate a virtual private net
`work communication link between the ?rst network device
`and the second network device based on a determination that
`the second network device is available for the secure commu
`nications service, wherein the secure communications ser
`vice uses the virtual private network communication link.
`
`30 Claims, 40 Drawing Sheets
`
`2601
`
`\
`
`49/
`
`m/
`
`I
`
`\zanz
`
`2605
`
`2635
`
`:
`
`BRgVFIEER _" sTIIcK
`
`2m,
`
`
`
`1 GATEKEEPER
`
`‘El \Z6u3
`
`SECURE
`TARGET
`SITE
`
`HOPPIIIG
`
`UNSECURE
`TARGET
`SITE
`
`2511
`
`2105/
`
`ESTABLISH
`VPN WITH
`TARGET SITE
`
`2m
`FASSTHRII
`
`2705
`
`ERROR
`
`Petitioner Apple Inc. - Exhibit 1001, p. 1
`
`

`
`US 8,504,696 B2
`Page 2
`
`US. PATENT DOCUMENTS
`A
`8/1988 Sagoi et al.
`4,761,334
`4,885,778
`A 12/1989 Weiss
`4,920,484
`A
`4/ 1990 Ranade
`A
`6/1990 Humphrey et al.
`4,933,846
`4,952,930
`A
`8/1990 FranasZek et al.
`4,988,990
`A
`1/ 1991 Warrior
`5,007,051
`A
`4/1991 Dolkas et al.
`A 11/1992 Matyas
`5,164,988
`5,204,961
`A
`4/ 1993 Barlow
`5,276,735
`A
`1/1994 Boebert et al.
`5,303,302
`A
`4/ 1994 Burrows
`5,311,593
`A
`5/1994 Carmi
`5,329,521
`A
`7/1994 Walsh et al.
`5,341,426
`A
`8/1994 Barney et al.
`5,345,439
`A
`9/ 1994 Marston
`A 11/1994 Chang et al.
`5,367,643
`5,384,848
`A
`1/ 1995 Kikuchi
`5,511,122
`A
`4/ 1996 Atkinson
`5,548,646
`A
`8/1996 AZiZ et al.
`5,559,883
`A
`9/1996 Williams
`5,561,669
`A 10/1996 Lenney et al.
`5,588,060
`A 12/ 1996 AZiZ
`5,590,285
`A 12/1996 Krause et al.
`5,625,626
`A
`4/ 1997 Umekita
`5,629,984
`A
`5/1997 McManis
`5,654,695
`A
`8/1997 Olnowich et al.
`A 10/ 1997 Nakagawa
`5,682,480
`A 11/1997 Nguyen
`5,689,566
`5,689,641
`A 11/1997 Ludwig et al.
`5,740,375
`A
`4/1998 Dunne et al.
`A
`5/ 1998 Faybishenko
`5,757,925
`5,764,906
`A
`6/1998 Edelstein et al.
`5,771,239
`A
`6/1998 Moroney et al.
`5,774,660
`A
`6/1998 Brendel et al.
`5,787,172
`A
`7/1998 Arnold
`5,790,548
`A
`8/1998 SistaniZadeh et al.
`5,796,942
`A
`8/1998 Esbensen
`5,805,801
`A
`9/1998 Holloway et al.
`5,805,803
`A
`9/1998 Birrell et al.
`5,822,434
`A 10/1998 Caronni et al.
`5,838,796
`A 11/1998 Mittenthal
`5,842,040
`A 11/1998 Hughes et al.
`5,845,091
`A 12/1998 Dunne et al.
`5,864,666
`A
`1/ 1999 Shrader
`5,867,650
`A
`2/ 1999 Osterman
`5,870,610
`A
`2/1999 Beyda et al.
`5,878,231
`A
`3/1999 Baehr et al.
`A
`3/1999 Kapoor
`5,884,038
`5,892,903
`A
`4/1999 Klaus
`5,898,830
`A
`4/1999 Wesinger, Jr. et al.
`5,905,859
`A
`5/1999 Holloway et al.
`5,918,018
`A
`6/1999 Gooderum et al.
`5,918,019
`A
`6/1999 Valencia
`5,950,195
`A
`9/1999 Stockwell et al.
`5,950,519
`A
`9/1999 Anatoli
`5,960,204
`A
`9/1999 Yinger et al.
`5,996,016
`A 11/1999 Thalheimer et al.
`6,006,259
`A 12/1999 Adelman et al.
`6,006,272
`A 12/1999 Aravamudan et al.
`6,016,318
`A
`1/ 2000 Tomoike
`6,016,512
`A
`1/ 2000 Huitema
`6,041,342
`A
`3/ 2000 Yamaguchi
`6,052,788
`A
`4/ 2000 Wesinger et al.
`6,055,574
`A
`4/ 2000 Smorodinsky et al.
`6,061,346
`A
`5/ 2000 Nordman
`6,061,736
`A
`5/ 2000 Rochberger et al.
`6,079,020
`A
`6/2000 Liu
`6,081,900
`A
`6/2000
`Subramaniam et al.
`6,092,200
`Muniyappa et al.
`A
`7/2000
`6,101,182
`A
`8/2000
`SistaniZadeh et al.
`6,119,171
`Alkhatib
`A
`9/2000
`6,119,234
`A
`9/2000
`AZiZ et al.
`6,131,121
`Mattaway et al.
`A 10/2000
`6,147,976
`A 1 1/2000
`Shand et al.
`6,157,957
`Berthaud
`A 12/2000
`6,158,011
`A 12/2000
`Chen et al.
`6,168,409
`B
`1/2001
`Fare
`6,173,399
`Gilbrech
`B
`1/2001
`
`6,175,867
`6,178,409
`6,178,505
`6,179,102
`6,182,141
`6,182,227
`6,199,112
`6,202,081
`6,222,842
`6,223,287
`6,226,748
`6,226,751
`6,233,618
`6,243,360
`6,243,749
`6,243,754
`6,246,670
`6,256,671
`6,262,987
`6,263,445
`6,266,699
`6,269,099
`6,286,047
`6,298,341
`6,301,223
`6,308,213
`6,308,274
`6,311,207
`6,314,463
`6,324,161
`6,330,562
`6,332,158
`6,333,272
`6,338,082
`6,353,614
`6,425,003
`6,430,155
`6,430,610
`6,487,598
`6,496,867
`6,499,108
`6,502,135
`6,505,232
`6,510,154
`6,549,516
`6,557,037
`6,560,634
`6,571,296
`6,571,338
`6,581,166
`6,606,708
`6,615,357
`6,618,761
`6,671,702
`6,687,551
`6,687,746
`6,701,437
`6,714,970
`6,717,949
`6,751,738
`6,752,166
`6,757,740
`6,760,766
`6,813,777
`6,826,616
`6,839,759
`6,937,597
`7,010,604
`7,039,713
`7,072,964
`7,133,930
`7,167,904
`7,188,175
`7,188,180
`7,197,563
`7,353,841
`7,418,504
`7,461,334
`7,490,151
`
`1/2001
`1/2001
`1/2001
`1/2001
`1/2001
`1/2001
`3/2001
`3/2001
`4/2001
`4/2001
`5/2001
`5/2001
`5/2001
`6/2001
`6/2001
`6/2001
`6/2001
`7/2001
`7/2001
`7/2001
`7/2001
`7/2001
`9/2001
`10/2001
`10/2001
`10/2001
`10/2001
`10/2001
`11/2001
`11/2001
`12/2001
`12/2001
`12/2001
`1/2002
`3/2002
`7/2002
`8/2002
`8/2002
`11/2002
`12/2002
`12/2002
`12/2002
`1/2003
`1/2003
`4/2003
`4/2003
`5/2003
`5/2003
`5/2003
`6/2003
`8/2003
`9/2003
`9/2003
`12/2003
`2/2004
`2/2004
`3/2004
`3/2004
`4/2004
`6/2004
`6/2004
`6/2004
`7/2004
`11/2004
`11/2004
`1/2005
`8/2005
`3/2006
`5/2006
`7/2006
`11/2006
`1/2007
`3/2007
`3/2007
`3/2007
`4/2008
`8/2008
`12/2008
`2/2009
`
`Taghadoss
`Weber et al.
`Schneider et al.
`Weber et al.
`Blum et al.
`Blair et al.
`Wilson
`Naudus
`Sasyan et al.
`Douglas et al.
`Bots et al.
`Arrow et al.
`Shannon
`Basilico
`Sitaraman et al.
`Guerin et al.
`Karlsson et al.
`StrentZsch et al.
`Mogul
`Blumenau
`Sevcik
`Borella et al.
`Ramanathan et al.
`Mann et al.
`Hrastar et al.
`Valencia
`Swift
`Mighdoll et al.
`Abbott et al.
`Kirch
`Boden et al.
`Risley et al.
`McMillin et al.
`Schneider
`Borella et al.
`HerZog et al.
`Davie et al.
`Carter
`Valencia
`Beser et al.
`Johnson
`Munger et al.
`Mighdoll et al.
`Mayes et al.
`Albert et al.
`Provino
`Broadhurst
`Dillon
`Shaio et al.
`Hirst et al.
`Devine et al.
`Boden et al.
`Munger et al.
`Kruglikov et al.
`Steindl
`Shuster et al.
`Hoke et al.
`Fiveash et al.
`Boden et al.
`Wesinger, Jr. et al.
`Lull et al.
`Parekh et al.
`Sahlqvist
`Weinberger et al. .......... .. 725/76
`Larson et al.
`Larson et al.
`Rosenberg et al.
`Munger et al.
`Van Gunter et al.
`Whittle et al.
`Munger et al.
`Devarajan et al.
`McKeeth
`Larson et al.
`Sheymov et al.
`Kono et al.
`Larson et al.
`Lu et al.
`Munger et al.
`
`Petitioner Apple Inc. - Exhibit 1001, p. 2
`
`

`
`US 8,504,696 B2
`Page 3
`
`2/2009 Shull et al.
`7,493,403 B2
`9/2009 Dillon et al. .................... .. 726/3
`7,584,500 B2 *
`7/2010 Karr et al.
`7,764,231 B1
`7,852,861 B2 * 12/2010 Wu et al. ..................... .. 370/401
`7,921,211 B2
`4/2011 Larson et al.
`7,933,990 B2
`4/2011 Munger et al.
`8,051,181 B2 11/2011 Larson et al.
`2001/0049741 A1
`12/2001 Skene et al.
`1/ 2002 Bush
`2002/0002675 A1
`1/ 2002 Droge
`2002/0004898 A1
`10/2003 Wesinger, Jr. et al.
`2003/0196122 A1
`2004/0199493 A1
`10/2004 Ruiz et al.
`2004/0199520 A1
`10/2004 Ruiz et al.
`2004/0199608 A1
`10/ 2004 Rechterman et al.
`2004/0199620 A1
`10/2004 Ruiz et al.
`2005/0055306 A1
`3/ 2005 Miller et al.
`2005/0108517 A1*
`5/2005 Dillon et al. ................ .. 713/150
`3/ 2006 Poyhonen et al.
`2006/0059337 A1
`6/2006 Munger et al.
`2006/0123134 A1
`2007/0208869 A1
`9/ 2007 Adelman et al.
`9/2007 King et al.
`2007/0214284 A1
`2007/0266141 A1
`1 1/ 2007 Norton
`2008/0005792 A1
`1/2008 Larson et al.
`2008/0144625 A1* 6/2008 Wu et al. ..................... .. 370/392
`2008/0235507 A1
`9/2008 Ishikawa et al.
`2009/0193498 A1* 7/2009 Agarwal et al. ................. .. 726/1
`2009/0193513 A1* 7/2009 Agarwal et al. ............... .. 726/15
`2009/0199258 A1
`8/2009 Deng et al.
`2009/0199285 A1* 8/2009 Agarwal et al. ................. .. 726/9
`
`EP
`EP
`EP
`GB
`GB
`GB
`JP
`JP
`JP
`JP
`JP
`JP
`JP
`JP
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`WO
`
`FOREIGN PATENT DOCUMENTS
`0814589
`12/1997
`836306
`4/1998
`0858189
`8/1998
`2317792
`4/1998
`2334181
`8/1999
`2340702
`2/2000
`62-214744
`9/1987
`04-117826
`4/1992
`04-363941
`12/1992
`09-018492
`1/1997
`09-270803
`10/1997
`10-070531
`3/1998
`10-111848
`4/1998
`10-215244
`8/1998
`WO9827783
`6/1998
`WO9843396
`10/1998
`WO9855930
`12/1998
`WO9859470
`12/1998
`WO9911019
`3/1999
`WO9938081
`7/1999
`WO9948303
`9/1999
`WO0017775
`3/2000
`WO0070458
`11/2000
`WO01/61922
`2/2001
`WO0116766
`3/2001
`WO0150688
`7/2001
`
`OTHER PUBLICATIONS
`
`U.S. Appl. No. 60/134,547, ?led May 17, 1999, Victory Sheyrnov.
`U.S. Appl. No. 60/151,563, ?led Aug. 31, 1999, Bryan Whittles.
`Alan 0. Frier et al., “The SSL Protocol Version 3.0”, Nov. 18, 1996,
`printed from http://www.netscape.com/eng/ss13/ draft302.txt on
`Feb. 4, 2002, 56 pages.
`August Bequai, “Balancing Legal Concerns Over Crime and Security
`in Cyberspace”, Computer & Security, vol. 17, No. 4, 1998, pp.
`293-298.
`D. B. Chapman et al., “Building Internet Firewalls”, Nov. 1995, pp.
`278-375.
`D. Clark, “US Calls for Private Domain-Name System”, Computer,
`IEEE Computer Society, Aug. 1, 1998, pp. 22-25.
`Davila J et al, “Implementation of Virtual Private Networks at the
`Transport Layer”, Information Security, Second International Work
`shop, ISW’99. Proceedings (Lecture Springer-Verlag Berlin, Ger
`many, [Online] 1999, pp. 85-102, XP002399276, ISBN 3-540-666.
`Dolev, Shlomi and Ostrovsky, Ra?l, “Ef?cient Anonymous Multicast
`and Reception” (Extended Abstract), 16 pages.
`
`Donald E. Eastlake, 3rd, “Domain Name System Security Exten
`sions”, Internet Draft, Apr. 1998, pp. 1-51.
`F. Halsall, “Data Communications, Computer Networks and Open
`Systems”, Chapter 4, Protocol Basics, 1996, pp. 198-203.
`Glossary for the Linux FreeS/WAN project, printed from http://
`liberty.freeswan .org/freeswanitrees/freeswan-1 .3/
`doc/glo ssary.
`htrnl on Feb. 21, 2002, 25 pages.
`J. Gilmore, “Swan: Securing the Internet against Wiretapping”,
`printed from http :/ / liberty. freeswan. org/ freeswanitree s/ free swan- 1 .
`3/doc/rationale.html on Feb. 21, 2002, 4 pages.
`James E. Bellaire, “New Statement of Rules-Naming Internet
`Domains”, Internet Newsgroup, Jul. 30, 1995, 1 page.
`Jim Jones et al., “Distributed Denial of Service Attacks: Defenses”,
`Global Integrity Corporation, 2000, pp. 1-14.
`Laurie Wells (lancasterbibelmail msn com); “Subject: Security Icon”
`USENET Newsgroup, Oct. 19, 1998, XP002200606, 1 page.
`Linux FreeS/WAN Index File, printed from http://liberty.freewan.
`org/freeswanitrees/freeswan-1.3/doc/ on Feb. 21, 2002, 3 Pages.
`P. Srisuresh et al., “DNS extensions to Network address Translators
`(DNSiALG)”, Internet Draft, Jul. 1998, pp. 1-27.
`Reiter, Michael K. and Rubin, Aviel D. (AT&T Labs-Research),
`“Crowds: Anonymity for Web Transactions”, pp. 1-23.
`RFC 2401 (dated Nov. 1998) Security Architecture for the Internet
`Protocol (RTP).
`RFC 2543-SIP (dated Mar. 1999): Session Initiation Protocol (SIP or
`SIPS).
`Rich Winkel, “CAQ: Networking With Spooks: The NET & The
`Control of Information”, Internet Newsgroup, Jun. 21, 1997, 4 pages.
`Rubin, Aviel D., Geer, Daniel, and Ranum, Marcus J. (Wiley Com
`puter Publishing), “Web Security Sourcebook”, pp. 82-94.
`Search Report (dated Aug. 20, 2002), International Application No.
`PCT/US01/04340.
`Search Report (dated Aug. 23, 2002), International Application No.
`PCT/US01/13260.
`Search Report (dated Oct. 7, 2002), International Application No.
`PCT/US01/13261.
`Search Report, IPER (dated Nov. 13, 2002), International Applica
`tion No. PCT/USO 1/ 04340.
`Search Report, IPER (dated Feb. 6, 2002), International Application
`No. PCT/US01/13261.
`Search Report, IPER (dated Jan. 14, 2003), International Application
`No. PCT/US01/13260.
`Shankar, A.U. “A veri?ed sliding window protocol with variable ?ow
`control”. Proceedings of ACM SIGCOMM conference on Commu
`nications architectures & protocols. pp. 84-91, ACM Press, NY, NY
`1986.
`Shree Murthy et al., “Congestion-Oriented Shortest Multi-path Rout
`ing”, Proceedings of IEEE INFOCOM, 1996, pp. 1028-1036.
`W. Stallings, “Cryptography and Network Security”, 2nd, Edition,
`Chapter 13, IP Security, Jun. 8, 1998, pp. 399-440.
`Microsoft Corporation’s Fourth Amended Invalidity Contentions
`dated Jan. 5, 2009, I/lrnetX Inc. and Science Applications Interna
`tional Corp. v. Microsoft Corporation.
`Appendix A of the Microsoft Corporation’s Fourth Amended Inval
`idity Contentions dated Jan. 5, 2009.
`Concordance Table for the References Cited in Tables on pp. 6-15,
`71-80 and 116-124 of the Microsoft Corporation’s Fourth Amended
`Invalidity Contentions dated Jan. 5, 2009.
`1. P. Mockapetris, “DNS Encoding of Network Names and Other
`Types,” Network Working Group, RFC 1101 (Apr. 1989) RFC1101,
`DNS SRV).
`R. Atkinson, “An Internetwork Authentication Architecture,” Naval
`Research Laboratory, Center for High Assurance Computing Sys
`tems (Aug. 5, 1993). (Atkinson NRL, KX Records).
`Henning Schulzrinne, Personal Mobility for Multimedia Services in
`the Internet, Proceedings of the Interactive Distributed Multimedia
`Systems and Services European Workshop at 143 (1996).
`(Schulzrinne 96).
`Microsoft Corp., Microsoft I/lrtual Private Networking.‘ Using Point
`to-Point Tunneling Protocol for Low-Cost, Secure, Remote Access
`Across the Internet (1996) (printed from 1998 PDC DVD-ROM).
`Point to Point, Microsoft Prior Art VPN Technology).
`
`Petitioner Apple Inc. - Exhibit 1001, p. 3
`
`

`
`US 8,504,696 B2
`Page 4
`
`“Safe Sur?ng: How to Build a Secure World Wide Web Connection,”
`IBM Technical Support Organization, (Mar. 1996). (Safe Su?ng,
`Website Art).
`Goldschlag, et al., “Hiding Routing Information,” Workshop on
`Information Hiding, Cambridge, UK (May 1996). (Goldschlag II,
`Onion Routing).
`“IPSec Minutes From Montreal”, IPSEC Working Group Meeting
`Notes,
`http://www.sandleman.ca/ipsec/ l 996/08/msg000 l 8 .htrnl
`(Jun. 1996). (IPSec Minutes, FreeS/WAN).
`J. M. Galvin, “Public Key Distribution with Secure DNS,” Proceed
`ings of the Sixth USENIX UNIX Security Symposium, San Jose,
`California, Jul. 1996. (Galvin, DNSSEC).
`J. Gilmore, et al. “Re: Key Management, anyone? (DNS Keying),”
`IPSec Working Group Mailing List Archives (Aug. 1996). (Gilmore
`DNS, FreeS/WAN).
`H. Orman, et al. “Re: Re: DNS? was Re: Key Management, anyone?”
`IETF IPSec Working Group Mailing List Archive (Aug. l996-Sep.
`l996). (Orman DNS, FreeS/WAN).
`Arnt Gulbrandsen & Paul Vixie, A DNS RR for specifying the location
`ofservices (DNS SRV), IETF RFC 2052 (Oct. 1996). (RFC 2052,
`DNS SRV).
`Freier, et al. “The SSL Protocol Version 3.0,” Transport Layer Secu
`rity Working Group (Nov. 18, 1996). (SSL, Underlying Security
`Technology).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Dec. 2, 1996). (RFC 2543 Internet Draft 1).
`MG. Reed, et al. “Proxies for Anonymous Routing,” 12th Annual
`Computer Security Applications Conference, San Diego, CA, Dec.
`9-13, 1996. (Reed, Onion Routing).
`Kenneth F. Alden & Edward P. Wobber, T heAlta J/lsta Tunnel.‘ Using
`theInternet to Extend Corporate Networks, Digital Technical Journal
`(1997) (Alden, AltaVista).
`Automotive Industry Action Group, “ANX Release 1 Document Pub
`lication,” AIAG (1997). (AIAG, ANX).
`Automotive Industry Action Group, “ANX Release 1 Draft Docu
`ment Publication,” AIAG Publications (1997). (AIAG Release,
`ANX).
`Aventail Corp. “Aventail VPN Data Sheet,” available at http://www.
`archive.org/web/ 199702l20l3043/www.aventail.com/prod/
`vpndata.html (1997). (Data Sheet, Aventail).
`Aventail Corp., “Directed VPN Vs. Tunnel,” available at http://web.
`archive.org/web/ 199706200303 1 2/www.aventail.com/educate/
`directvpn.html (l997).(Directed VPN, Aventail).
`Aventail Corp., “Managing Corporate Access to the Internet,”
`Aventail AutoSOCKS White Paper available at http://web.archive.
`org/1997062003003 l2/www.aventail.com/educate/whitepaper/
`ipmw.html (1997). (Corporate Access, Aventail).
`Aventail Corp., “VPN Server V2.0 Administration Guide,” (1997).
`(VPN, Aventail).
`Goldschlag, et al. “Privacy on the Internet,” Naval Research Labo
`ratory, Center for High Assurance Computer Systems (1997).
`(Goldschtag I, Onion Routing).
`Microsoft Corp., Installing Con?guring and Using PPTP with
`Microsoft Clients and Servers (1997). (Using PPTP, Microsoft Prior
`Art VPN Technology).
`Microsoft Corp., IP Security for Microsoft Windows NT Server 5. 0
`(1997) (printed from 1998 PDC DVD-ROM). (IP Security, Microsoft
`Prior Art VPN Technology).
`Microsoft Corp., Microsoft Windows N T Active Directory.‘ An Intro
`duction to the Next Generation Directory Services (1997) (printed
`from 1998 PDC DVD-ROM). (Directory, Microsoft Prior Art VPN
`Technology).
`Microsoft Corp., Routing and Remote Access Service for Windows
`NT Server New Opportunities Today and Looking Ahead (1997)
`(printed from 1998 PDC DVD-ROM). Routing, Microsoft Prior Art
`VPN Technology).
`Microsoft Corp., Understanding Point-to-Point Tunneling Protocol
`PPTP (1997) (printed from 1998 PDC DVD-ROM). (Understanding
`PPTP, Microsoft Prior Art VPN Technology).
`J. Mark Smith et.al., Protecting a Private Network.‘ The AltaJTlsta
`Firewall, Digital Technical Journal (1997). (Smith, AltaVista).
`
`Naganand Doraswamy Implementation of J/lrtual Private Networks
`(VPNs) with IPSecurity, <draft-ietf-ipsec-vpn-00.txt> (Mar. 12,
`1997). (Doraswamy).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Mar. 27, 1997). (RFC 2543 Internet Draft 2).
`Aventail Corp., “Aventail and Cybersafe to Provide Secure Authen
`tication for Internet and Intranet Communication,” Press Release,
`Apr. 3, 1997. (Secure Authentication, Aventail).
`D. Wagner, et al. “Analysis ofthe SSL 3.0 Protocol,” (Apr. 15, 1997).
`(Analysis, Underlying Security Technologies).
`Automotive Industry Action Group, “ANXO Certi?cation Authority
`Service and Directory Service De?nition for ANX Release 1,” AIAG
`Telecommunications Project Team and Bellcore (May 9, 1997).
`(AIAG De?nition, ANX).
`Automotive Industry Action Group, “ANXO Certi?cation Process
`and ANX Registration Process De?nition for ANX Release l,”AIAG
`Telecommunications Project Team and Bellcore (May 9, 1997).
`(AIAG Certi?cation, ANX).
`Aventail Corp., “Aventail Announces the First VPN Solution to
`Assure Interoperability Across Emerging Security Protocols,” Jun. 2,
`1997. (First VPN, Aventail).
`Syverson, et al. “Private Web Browsing,” Naval Research Laboratory,
`Center for High 8 Assurance Computer Systems (Jun. 2, 1997).
`(Syverson, Onion Routing).
`Bellcore, “Metrics, Criteria, and Measurement Technique Require
`ments for ANX Release 1,” AIAG Telecommunications Project Team
`and Bellcore (Jun. 16, 1997). (AIAG Requirements, ANX).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jul. 31, 1997). (RFC 2543 Internet Draft 3).
`R. Atkinson, “Key Exchange Delegation Record for the DNS,” Net
`work Working Group, RFC 2230 (Nov. 1997). (RFC 2230, KX
`Records).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Nov. 11, 1997). (RFC 2543 Internet Draft 4).
`1998 Microsoft Professional Developers Conference DVD (“1998
`PDC DVD-ROM”) (including screenshots captured there from and
`produced as MSFTVX 000l8827-000l8832). (Conference,
`Microsoft Prior Art VPN Technology).
`Microsoft Corp., J/lrtual Private Networking an Overview (1998)
`(printed from 1998 PDC DVD-ROM) (Overview, Micro soft Prior Art
`VPN Technology).
`Microsoft Corp., Windows NT 5.0 Beta Has Public Premiere at
`Seattle Mini-Camp Seminar attendees get ?rst look at the perfor
`mance and capabilities of Windows N T 5. 0(l998) (available at http://
`www.microsoft.com/presspass/features/l998/ l0-l9nt5.
`mspxpftrue). (NT Beta, Microsoft Prior Art VPN Technology).
`“What ports does SSL use” available at stason.org/TULARC/secu
`rity/ssl-talk/3-4-What-ports-does-ssl-use.html (l998). (Ports, DNS
`SRV).
`Aventail Corp., “Aventail VPN V2.6 Includes Support for More Than
`Ten Authentication Methods Making Extranet VPN Development
`Secure and Simple,” Press Release, Jan. 19, 1998. (VPN V2.6,
`Aventail).
`R. G. MoskowitZ, “Network Address Translation Issues with IPsec,”
`Internet Draft, Internet Engineering Task Force, Feb. 6, 1998.
`(MoskowitZ).
`H. SchulZrinne, et al, “Internet Telephony Gateway Location,” Pro
`ceedings of IEEE INfocom ’98, The Conference on Computer Com
`munications, vol. 2 (Mar. 29-Apr. 2, 1998). (Gateway, SchulZrinne).
`C. Huitema, 45 al. “Simple Gateway Control Protocol,”Version 1.0
`(May 5, 1998). (SGCP).
`DISA “Secret Internet Protocol Router Networ ,” SIPRNET Pro
`gram Management Of?ce (D3 1 l3) DISN Networks, DISN Transmis
`sion Services (May 8, 1998). DISA, SIPRENT).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (May 14, 1998). (RFC 2543 Internet Draft 5).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jun. 17, 1998). (RFC 2543 Internet Draft 6).
`D. McDonald, et al. “PFiKEY Key Management API, Version 2,”
`Network Working Group, RFC 2367 (Jul. 1998). (RFC 2367).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jul. 16, 1998). (RFC 2543 Internet Draft 7).
`
`Petitioner Apple Inc. - Exhibit 1001, p. 4
`
`

`
`US 8,504,696 B2
`Page 5
`
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Aug. 7, 1998). (RFC 2543 Internet Draft 8).
`Microsoft Corp., Company Focuses on Quality and Customer Feed
`back(Aug. 18, 1998). (Focus, Microsoft PriorArtVPN Technology).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Sep. 18, 1998). (RFC 2543 Internet Draft 9).
`Atkinson, et al. “Security Architecture for the Internet Protocol,”
`Network Working Group, RFC 2401 (Nov. 1998). (RFC 2401,
`Underlying Security Technologies).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Nov. 12, 1998). (RFC 2543 Internet Draft 10).
`Donald Eastlake, Domain Name System Security Extensions, IETF
`DNS Security Working Group (Dec. 1998). (DNSSEC-7).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Dec. 15, 1998). (RFC 2543 Internet Draft 11).
`Aventail Corp., “Aventail Connect 3.1/2.6 Administrator’s Guide,”
`(1999). (Aventail Administrator 3.1, Aventail).
`Aventail Corp., “Aventail Connect 3.1/2.6 User’s Guide,” (1999).
`(Aventail User 3.1, Aventail).
`Aventail Corp., “Aventail ExtraWeb Server v3.2 Administrator’s
`Guide,” (1999). (Aventail ExtraWeb 3.2, Aventail).
`Kaufman et al, “Implementing IPSec,” (Copyright 1999). (Imple
`menting IPsec, VPN References).
`Network Solutions, Inc. “Enabling SSL,” NSI Registry (1999).
`(Enabling SSL, Underlying Security Technologies).
`Check Point Software Technologies Ltd. (1999) (Check Point,
`Checkpoint FW).
`Arnt Gulbrandsen & Paul Vixie, A DNS RR for specifying the location
`of services (DNS SRV),<draft-ietf-dnsind-frc2052bis-02.txt> (Jan.
`1999). (Gulbrandsen 99, DNS SRV).
`C. Scott, et al. J/lrtual Private Networks, O’Reilly and Associates,
`Inc., 2nd ed. (Jan. 1999). Scott VPNs).
`M. Handley, H. SchulZrinne, E. Schooler, Internet Engineering Task
`Force, Internet Draft, (Jan. 15, 1999). (RFC 2543 Internet Draft 12).
`Goldschlag, et al., “Onion Routing for Anonymous and Private
`Internet Connections,” Naval Research Laboratory, Center for High
`Assurance Computer Systems (Jan. 28, 1999). (Goldschlag III,
`Onion Routing).
`H. SchulZrinne, “Internet Telephony: architecture and protocolsian
`IETF perspective,” Computer Networks, vol. 31, No. 3 (Feb. 1999).
`(Telephony, SchulZrinne).
`M. Handley, et al. “SIP: Session Initiation Protocol,” Network Work
`ing Group, RFC 2543 and Internet Drafts (Dec. 1996-Mar. 1999).
`(Handley, RFC 2543).
`FreeS/WAN Project, LinuxFreeS/WAN Compatibility Guide (Mar. 4,
`1999). (FreeS/WAN Compatibility Guide, FreeS/WAN).
`Telcordia Technologies, “ANX Release 1 Document Corrections,”
`AIAG (May 11, 1999). (Telcordia, ANX).
`Ken Hornstein & Jeffrey Altman, Distributing Kerberos KDC and
`Realm Information with DNS <draft-eitf-cat-krb-dns-locate-oo.txt>
`(Jun. 21, 1999). (Hornstein, DNS SRV).
`Bhattacharya, et al., “An LDAP Schema for Con?guration and
`Administration of IPSec Based Virtual Private Networks (VPNs)”,
`IETF Internet Draft (Oct. 1999). (Bhattcharya LDAP VPN).
`B. Patel, et al. “DHCP Con?guration of IPSEC Tunnel Mode,”
`IPSEC Working Group, Internet Draft 02 (Oct. 15, 1999). (Patel).
`Goncalves, et al. Check Point Fire Wall-1 Administration Guide,
`McGraw-Hill Companies (2000). (Goncalves, Checkpoint FW).
`“Building a Microsoft VPN: A Comprehensive Collection of
`Microsoft Resources,” FirstVPN, (Jan. 2000). (FirstVPN Microsoft).
`Gulbrandsen, Vixie, & Esibov, A DNS RR for specifying the location
`ofservices (DNS SRV), IETF RFC 2782 (Feb. 2000). (RFC 2782,
`DNS SRV).
`MITRE Organization, “Technical Description,” Collaborative
`Operations in Joint Expeditionary Force Experiment (JEFX) 99 (Feb.
`2000). (MITRE, SIPRNET).
`H. SchulZrinne, et al. “Application-Layer Mobility Using SIP,”
`Mobile Computing and Communications Review, vol. 4, No. 3. pp.
`47-57 (Jul. 2000). (Application, SIP).
`Kindred et al, “Dynamic VPN Communities: Implementation and
`Experience,” DARPA Information Survivability Conference and
`Exposition II (Jun. 2001). (DARPA, VPN Systems).
`ANX 101: Basic ANX Service Outline. (Outline, ANX).
`
`ANX 201: Advanced ANX Service. (Advanced, ANX).
`Appendix A: Certi?cate Pro?le for ANX IPsec Certi?cates. (Appen
`dix, ANX).
`Assured Digital Products. (Assured Digital).
`Aventail Corp., “Aventail AutoSOCKS the Client Key to Network
`Security,” Aventail Corporation White Paper. (Network Security,
`Aventail).
`Cindy Moran, “DISN Data Networks: Secret Internet Protocol
`Router Network (SIPRNet).” (Moran, SIPRNET).
`Data Fellows F-Secure VPN+ (F-Secure VPN+).
`Interim Operational Systems Doctrine for the Remote Access Secu
`rity Program (RASP) Secret Dial-In Solution. (RASP, SIPRNET).
`Onion Routing, “Investigation of Route Selection Algorithms,” avail
`able at http://www.onion-router.net/Archives/Route/index.html.
`(Route Selection, Onion Routing).
`Secure Computing, “Bullet-Proo?ng an Army Net,” Washington
`Technology. (Secure, SIPRNET).
`SPARTA “Dynamic Virtual Private Network.” (Sparta, VPN Sys
`tems).
`Standard Operation Procedure for Using the 1910 Secure Modems.
`(Standard, SIPRNET).
`FreeS/WAN
`to
`relating
`emails
`Publically
`available
`(MSFTVX00018833-MSFTVX00019206). (FreeS/WAN emails,
`FreeS/WAN).
`Kaufman et al., “Implementing IPsec,” (Copyright 1999) (Imple
`menting IPsec).
`NetworkAssociates GauntletFirewall for Unix User ’s Guide Version
`5.0 (1999). (Gauntlet User’s GuideiUnix, Firewall Products).
`Network Associates Gauntlet Firewall for Windows NT Getting
`Started Guide Version 5.0 (1999) (Gauntlet Getting Started Guidei
`NT, Firewall Products).
`Network Associates Gauntlet Firewall for Unix Getting Started
`Guide Version 5.0 (1999) (Gauntlet Unix Getting Started Guide,
`Firewall Products).
`Network Associates Release Notes Gauntlet Firewall for Unix 5.0
`(Mar. 19, 1999) (Gauntlet Unix Release Notes, Firewall Products).
`Network Associates Gauntlet Firewall for Windows N T Administra
`tor ’s Guide Version 5. 0 (1999) (Gauntlet NT Administrator’s Guide,
`Firewall Products).
`Trusted Information Systems, Inc. Gauntlet Internet Firewall
`Firewall-to-Firewall Encryption Guide Version 3.1 (1996) (Gauntlet
`Firewall-to-Firewall, Firewall Products).
`Network Associates Gauntlet Firewall Global J/lrtual Private Net
`work User ’s Guide for Windows NT Version 5. 0 (1999) (Gauntlet NT
`GVPN, GVPN).
`Network Associates Gauntlet Firewall for UNIX Global J/lrtual Pri
`vate Network User ’s Guide Version 5.0 (1999) (Gauntlet Unix
`GVPN, GVPN).
`Dan Sterne Dynamic Wrtual Private Networks (May 23, 2000)
`(Sterne DVPN, DVPN).
`Darrell Kindred Dynamic J/lrtual Private Networks (DVPN) (Dec.
`21, 1999) (Kindred DVPN, DVPN).
`Dan Sterne et al. T IS Dynamic Security Perimeter Research Project
`Demonstration (Mar. 9, 1998) (Dynamic Security Perimeter,
`DVPN).
`Darrell Kindred Dynamic J/lrtual Private Networks Capability
`Description (Jan. 5, 2000) (Kindred DVPN Capability, DVPN) 11.
`Oct. 7, and 28, 1997 email from Domenic J. Turchi Jr.
`(SPARTA00001712-1714, 1808-1811) (Turchi DVPN email,
`DVPN).
`James Just & Dan Sterne Security Quickstart Task Update (Feb. 5,
`1997) (Security Quickstart, DVPN).
`Virtual Private Network Demonstration dated Mar. 21, 1998
`(SPARTA00001844-54) (DVPN Demonstration, DVPN).
`GTE Internetworking & BBN Technologies DARPA Information
`Assurance Program Integrated Feasibilit Demonstration (IFD) 1.1
`Plan (Mar. 10, 1998) (IFD 1.1, DVPN).
`Microsoft Corp. Windows NT Server Product Documentation:
`Administration Guide4Connection Point Services, available at
`http://www.microsoft.com/technet/archive/winntas/proddocs/
`inetconctservice/cpsops.mspx
`(Connection
`Point
`Services)
`(Although undated, this reference refers to the operation of prior art
`versions of Microsoft Windows. Accordingly, upon information and
`belief, this reference is prior art to the patents-in-suit.).
`
`Petitioner Apple Inc. - Exhibit 1001, p. 5
`
`

`
`US 8,504,696 B2
`Page 6
`
`Microsoft Corp. Windows NT Server Product Documentation:
`Administration Kit GuideiConnection Manager, available at http://
`www.micro soft.com/technet/archive/winntas/proddocs/
`inetconctservice/cmakmspx (Connection Manager) (Although
`undated, this reference refers to the operation of prior art versions of
`Microsoft Windows such as Windows NT 4.0. Accordingly, upon
`information and belief, this reference is prior art to the patents-in
`suit.).
`Microsoft Corp. Autodial Heuristics, available at http:// support.
`microsoft.com/kb/ 164249 (Autodial Heuristics) (Although undated,
`this reference refers to the operation of prior art versions of Microsoft
`Windows such as Windows NT 4.0. Accordingly, upon information
`and belief, this reference is prior art to the patents-in-suit.).
`Microsoft Corp., Cariplo: Distributed Component Object Model,
`(1996) available at http://msdn2.microsoft.com/en-us/library/
`ms809332(printer).aspX (Cariplo I).
`Marc Levy, COM Internet Services (Apr. 23, 1999), available at
`http://msdn2.microsoft.com/en-us/library/ms809302(printer).aspX
`(Levy).
`Markus Horstman