Final Exam Review Questions - Email Security
What is S/MIME?
Secure/Multipurpose Internet Mail Extension (S/MIME) is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security.
What are the four principal services provided by S/MIME?
Authentication and Non-repudiation of origin using digital signatures, Message Integrity, Privacy, Data Security using encryption. AN-MPD
Briefly explain base64 encoding.
Base 64 is the encoding scheme for binary data. Each group of three octets of binary data is mapped into four ASCII characters.
Why is base64 conversion useful for email security?
Both PGP and S/MIME make use of an encoding technique referred to as radix-64 conversion. This technique maps arbitrary binary input into printable character output. No control characters are included in the set. Thus, a message encoded in radix 64 can traverse mail-handling systems that scan the data stream for control characters. Mail is transferred from a storage device in the sending host to a storage device in the receiving host. It may be necessary to perform certain transformations on the mail because data storage representations in the two systems are different. For example, NVT-ASCII has different data storage representations in different systems. PDP-10's generally store NVT-ASCII as five 7-bit ASCII characters, left-justified in a 36-bit word. 360's store NVT-ASCII as four 8-bit EBCDIC codes in a 32-bit word. Multics stores NVT-ASCII as four 9-bit characters in a 36-bit word. For the sake of simplicity, all data must be represented in MTP as NVT-ASCII. This means that characters must be converted into the standard NVT-ASCII representation when transmitting text, regardless of whether the sending and receiving hosts are dissimilar. The sender converts the data from its internal character representation to the standard 8-bit NVT-ASCII representation (see the TELNET specification). The receiver converts the data from the standard form to its own internal form. In accordance with this standard, the sequence should be used to denote the end of a line of text.
What is DKIM?
Domain Keys Identified Mail (DKIM) is a specification for cryptographically signing e-mail messages, permitting a signing domain to claim responsibility for a message in the mail stream. Message recipients (or agents acting on their behalf) can verify the signature by querying the signer's domain directly to retrieve the appropriate public key and thereby can confirm that the message was attested to by a party in possession of the private key for the signing domain.
What is the difference between MIME content type and a MIME transfer encoding?
MIME-Version, Content-Type, and Content-Transfer-Encoding. These three headers determine the nature of the rest of the email message. For instance, the Content-Type header in Listing 16.1 has been set to text/plain. However, the value for this header can be any valid MIME type, such as image/jpeg (for a JPEG format image), or text/html (for a HTML-formatted message). Of course, for the email to be properly rendered in the email client, the client must understand how to render an image or HTML document. Strictly speaking MIME and content type are two different things. MIME is a set of standards that was written to extend the capabilities of email messages and has since been applied more broadly to internet content and HTTP. Content type is a header used both in email messages and HTTP. Practically, however, content type and MIME type are used interchangeably.
What is the utility of a detached signature?
Signatures, through normally are attached to the the message being transmitted can also be sent independently of the message (detached). These types of signatures serve the following purposes: The user may wish to maintain a separate log of all prior signatures used. A detached signature of an executable program can detect subsequent virus infections. Necessary in the event a document to be 'signed' requires the signature of more than one users.
What is the difference between RFC 5321 and 5322?
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (email) transmission. First defined by RFC 821 in 1982, it was last updated in 2008 with Extended SMTP additions by RFC 5321, which is the protocol in widespread use today.. RFC 5322 defines a format for text messages that are sent using electronic mail.