A handshake protocol, for encapsulation by the so-called TLS Record Protocol, for use by a client (11) and a server (12) in authenticating each other. The handshake protocol is based on the TLS Handshake Protocol, but replaces the PKI trust infrastructure of that protocol with the IMS AKA trust infrastructure, which is based on a private key stored on a so-called smart card (11a) in the client terminal (11), and also stored (usually) in a Home Subscriber Server (14) serving as a trusted third party (but instead sometimes in the server (12) being authenticated), the third party providing information to the server (12) sufficient for the server (12) to authenticate the client (11) and also sufficient for the server (12) to provide to the client (11) information sufficient for the client (11) to authenticate the server (12).