• General Security Information
• PKCS#11
• Single Sign-On
• Form Signing
• Object Signing
• FIPS-140-1
• Technotes
• FORTEZZA
• Secure Sockets Layer (SSL)
• International Step-Up
• Smart Cards

GENERAL SECURITY INFORMATION

• Introduction to Public-Key Cryptography - Explains the basic concepts of public-key cryptography that underlie security features of Netscape products. Last updated 5/98.
• Introduction to SSL - Introduces the SSL protocol, which is used for authenticated and encrypted communication on the World Wide Web. Includes information about cryptographic ciphers supported by SSL and the steps involved in the SSL handshake. Last update 5/98.
• Security Resources - Lists resources relevant to the Netscape approach to security solutions. Last updated 1/98.

Download ZIP file
• Export Restrictions on International Sales - Describes export restrictions imposed by the United States government on software products with encryption features. Last updated 1/98.

Download ZIP file
• Netscape Security Solutions - Summarizes information about security in Netscape products.
• SSL Version 3.0 - Detailed specifications for the SSL protocol, which is used for authenticated and encrypted communication on the World Wide Web.
• Applying Communicator's Security Features - Tells administrators how to apply the security features built into Netscape Communicator 4.0. Using this topic administrators can configure all of Communicator's authentication, encryption, access-control, and content-protection capabilities. This topic focuses on specific Communicator preferences, and the values necessary to implement the features they represent. Last updated 10/97.
• S/MIME - Through the introduction of S/MIME, the email security solution from RSA, enterprises and individuals can leverage low-cost web technology to help secure their email messages.

• Implementing PKCS #11 for the Netscape Security Library - Describes how the Netscape Security Library (which is included with Communicator) calls functions defined by version 2.0 of the PKCS #11 specification. Last updated 6/97.

Download TAR.GZ version for UNIX
Download ZIP version for Windows
• PKCS #11 FAQ - An FAQ for implementors of PKCS #11 cryptographic modules. Last updated 3/98.
• Using the JAR Installation Manager to Install a PKCS #11 Cryptographic Module - Describes how to prepare a PKCS #11 cryptographic module so that users can download it from the Internet, verify its integrity, and install it, all with just a few mouse clicks. Last updated 12/97.

Download ZIP version for Windows
• PKCS #11 Utility Package 1.0.5 - The PKCS #11 Utility Package assists vendors of PKCS #11-compliant cryptographic hardware or software verify compatibility with Netscape software. The package provides test suites that exercise cryptographic modules through Netscape's security library. It also contains test automation tools, as well as utilities for manipulating Netscape's security databases.

• Single Sign-On Deployment Guide - This new guide describes how to deploy a single sign-on solution within an enterprise using SuiteSpot, Mission Control, Communicator, and other currently available Netscape products. Single sign-on allows a user to log in once to a local client and rely on automatic certificate-based SSL authentication for access to servers throughout the organization. Single sign-on makes intranets easier to use, limits passwords to the local machine, simplifies system administration, and uses existing access-control mechanisms. October 1997

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows

• Netscape Form Signing - Overview of resources related to form signing, including the Signature Verification Tool.
• Signing Text from JavaScript - Documentation for the JavaScript method signText. This method displays a dialog box that displays a specified form or other string of text and asks the user to sign it. When the user selects an appropriate certificate and clicks OK, the method returns a base-64-encoded PKCS #7 signed object that can be validated with the Signature Verification Tool.
• Using the Signature Verification Tool - The Signature Verification Tool is a simple command-line utility that unpacks a base-64-encoded PKCS #7 signed object and verifies the digital signature using standard cryptographic techniques. It can be invoked from a CGI script to verify a digital signature generated by the JavaScript method signText. Last updated 12/18/97.

• Signing Software with the Netscape Signing Tool 1.1 - Complete documentation for the latest version of the Netscape Signing Tool, which is available at Object-Signing Tools. Version 1.1 includes all the capabilities of, and is fully compatible with, previous versions of the Netscape Signing Tool (.50, .60, and 1.0). Latest capabilities include the ability to read options from a command file, redirect information and error message output to an output file to generate test certificates, debugging aids, and other improvements. Last updated June 1998. 
• Signing Software with the Netscape Signing Tool .60 - This document documents version .60 of the Netscape Signing Tool, which has been superseded by version 1.0. You may need this information, for example, to maintain scripts based on version .60. For new projects, Netscape recommends version 1.0. Last updated March 1998.

Download PDF file
• Overview of Object-Signing Resources - Lists all documentation related to Netscape Object Signing functions.
• Netscape Object Signing: Establishing Trust for Downloaded Software - An introduction to Object Signing for IS managers and software developers. Last updated 7/2/97.

Download TAR.GZ version for UNIX
Download ZIP version for Windows

• Using JAR Installation Manager for SmartUpdate (replaces AutoInstall Developer's Guide, Automatic Software Download (ASD) Developer's Guide, and JAR Installation Manager Developer's Guide) - Describes how you can use the JAR Installation Manager technology to package your software for use with SmartUpdate. SmartUpdate lets you package your plug-ins and Java classes so that Communicator can automatically locate, download, and install or update them on a user's machine in a secure manner, freeing the end user from this chore. Last updated 12/15/97.

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows
• SmartUpdate for Content Developers - Introduces the information a content developer needs to understand about using SmartUpdate on their pages. Last updated 8/28/97.

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows
• JAR Format - Describes the JAR archive format and how to create one. Last updated 6/97.

Download TAR.GZ version for UNIX
Download ZIP version for Windows
• Introduction to the Capabilities Classes - Describes the Capabilities functionality for Java developers who are writing applets or libraries that need access to local system resources. Supports Communicator, last updated 6/97.

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows
• Java Capabilities API - Empowers developers to write Java applications that leave the "sandbox." This API extends the level of security now possible with Netscape Communicator.
• Netscape System Targets - Summarizes the targets defined by Netscape for requesting access to system resources beyond the "sandbox"--the Java term for the carefully defined limits within which Java applets and JavaScript scripts must otherwise operate. Last updated 8/97.

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows
• JavaScript Security in Communicator 4.x - Describes the security models available for JavaScript in Communicator 4.x and how you can use the object signing model to sign your JavaScript scripts. Last updated 9/30/97.

Download PDF file
Download TAR.GZ version for UNIX
Download ZIP version for Windows

• FIPS 140-1 FAQ- Questions and answers about FIPS 140-1, one of a series of Federal Information Processing Standards Publications (FIPS PUBS, or FIPS for short) issued by the U.S. government. FIPS 140-1 governs implementations of cryptographic modules--that is, hardware or software that encrypts and decrypts data or performs other cryptographic operations. Last updated August 1997.
• Operating Netscape Navigator in FIPS PUB-140-1 Compliant Mode- Describes how to set up Netscape Navigator 4.x to run in FIPS 140-1 compliant mode. Last updated February 1998.
• Netscape Signing Tool and FIPS-140-1- Describes how to use the Netscape Signing Tool in FIPS 140-1 compliant mode. (This document is part of Signing Software with Netscape Signing Tool 1.0.) Last updated March 1998.

• Security Preferences for Communicator - In the process of developing Netscape's security model, as well as in writing Java code which makes use of that security model, Netscape's engineers have found it useful to modify the security behavior of Communicator in several ways. We believe these modifications will prove to be just as useful for all developers on the Netscape platform. This TechNote describes the preferences and methods for changing the preferences. (TN-SEC-03-9706)
• Security SetScopePermission - Describes the changes that were instituted in Netscape Navigator 3.x Java implementation in order to better support security in Java.
• Activating Codebase Principals - Describes the risks involved with codebase principals, and describes how to activate them.

• Netscape Products with FORTEZZA - Netscape offers client and server products with FORTEZZA, hardware-enhanced security services originally developed by the U.S. government

• Secure Sockets Layer - Netscape has designed and specified a protocol for providing data security layered between application protocols (such as HTTP, Telnet, NNTP, or FTP) and TCP/IP.
• Secure Sockets Layer Protocol - Netscape has developed the SSL protocol to provide a high-level of security for Internet communications.
• How SSL Works - This document explains how Netscape uses RSA public key cryptography for Internet security. Netscape's implementation of the SSL protocol employs the techniques discussed in this document.
• SSL Version 3.0 - Detailed specifications for the SSL protocol, which is used for authenticated and encrypted communication on the World Wide Web.

• Strong Encryption for International Banks - Through Netscape's International Step-Up program, banks outside the United States can offer strong encryption to ther international customers.

• Smart Cards - Smart cards and hardware tokens provide both greater mobility and enhanced security by allowing users to carry their digital certificates with them.