SlideShare a Scribd company logo

Lec 8.pptx.pdf

S
ssuserbab2f4

Network security

Software
1 of 15
Download to read offline
Network Security CIT 602 Lec 8 Dr. Ahmed Alwakeel Assistant Professor College of Computers and Information Technology University of Tabuk aalwakeel@ut.edu.sa
S/MIME Secure/Multipurpose Internet Mail Extension S/MIME is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security. It appears likely that S/MIME will emerge as the industry standard for commercial and organizational use, while PGP will remain the choice for personal e-mail security for many users. we need first to have a general understanding of the underlying e-mail format that it uses, namely MIME. But to understand the significance of MIME, we need to go back to the traditional e-mail format standard, RFC 822, which is still in common use. Dr. Anas Bushnag 2
RFC 5322 It defines a format for text messages that are sent using electronic mail. It has been the standard for Internet-based text mail messages and remains in common use. In the RFC 5322 context, messages are viewed as having an envelope and contents. The envelope contains whatever information is needed to accomplish transmission and delivery. The contents compose the object to be delivered to the recipient. Dr. Anas Bushnag 3
RFC 5322 The RFC 5322 standard applies only to the contents. However, the content standard includes a set of header fields that may be used by the mail system to create the envelope. A message consists of some number of header lines (the header) followed by unrestricted text (the body). The header is separated from the body by a blank line. Another field that is commonly found in RFC 5322 headers is Message-ID. This field contains a unique identifier associated with this message. Dr. Anas Bushnag 4
RFC 5322 Dr. Anas Bushnag 5
Multipurpose Internet Mail Extensions (MIME) It is an extension to the RFC 5322 framework that is intended to address some of the problems and limitations of the use of Simple Mail Transfer Protocol (SMTP): 1. SMTP cannot transmit executable files or other binary objects. 2. SMTP cannot transmit text data that includes national language characters, because these are represented by 8-bit codes with values of 128 decimal or higher, and SMTP is limited to 7-bit ASCII. 3. SMTP servers may reject mail message over a certain size. Dr. Anas Bushnag 6
Multipurpose Internet Mail Extensions (MIME) The MIME specification includes the following elements: 1. Five new message header fields are defined. 2. A number of content formats are defined. 3. Transfer encodings are defined that enable the conversion of any content format into a form that is protected from alteration by the mail system. Dr. Anas Bushnag 7
Multipurpose Internet Mail Extensions (MIME) The five header fields defined in MIME are: 1. MIME-Version: Must have the parameter value 1.0. 2. Content-Type: Describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user 3. Content-Transfer-Encoding: Indicates the type of transformation that has been used to represent the body of the message in a way that is acceptable for mail transport. Dr. Anas Bushnag 8
Multipurpose Internet Mail Extensions (MIME) 4. Content-ID: Used to identify MIME entities uniquely in multiple contexts. 5. Content-Description: A text description of the object with the body; this is useful when the object is not readable (e.g., audio data). Dr. Anas Bushnag 9
Multipurpose Internet Mail Extensions (MIME) Dr. Anas Bushnag 10
S/MIME S/MIME is very similar to PGP. Both offer the ability to sign and/or encrypt messages. S/MIME provides the following functions: 1. Enveloped data: This consists of encrypted content of any type and encrypted content encryption keys for one or more recipients. 2. Signed data: A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer. The content plus signature are then encoded using base64 encoding. A signed data message can only be viewed by a recipient with S/MIME capability. Dr. Anas Bushnag 11
S/MIME 3. Clear-signed data: As with signed data, a digital signature of the content is formed. However, in this case, only the digital signature is encoded using base64. As a result, recipients without S/MIME capability can view the message content, although they cannot verify the signature. 4. Signed and enveloped data: Signed-only and encrypted-only entities may be nested, so that encrypted data may be signed and signed data or clear-signed data may be encrypted. Dr. Anas Bushnag 12
S/MIME To specify the requirement level: 1. MUST: An implementation must include this feature or function. 2. SHOULD: It is recommended that an implementation include the feature or function. Dr. Anas Bushnag 13
S/MIME Dr. Anas Bushnag 14
S/MIME S/MIME secures a MIME entity with a signature, encryption, or both. The use of transfer encoding requires special attention. For most cases, the result of applying the security algorithm will be to produce an object that is partially or totally represented in arbitrary binary data. This will then be wrapped in an outer MIME message, and transfer encoding can be applied at that point, typically base64. Dr. Anas Bushnag 15

Recommended

S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
S_MIME[1].ppt
S_MIME[1].pptS_MIME[1].ppt
S_MIME[1].pptssuserec53e73
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit vArthyR3
 
M.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfM.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfDr.Florence Dayana
 
E-mail Security in Network Security NS5
E-mail Security in Network Security NS5E-mail Security in Network Security NS5
E-mail Security in Network Security NS5koolkampus
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2Infinity Tech Solutions
 
E-mail Security.ppt
E-mail Security.pptE-mail Security.ppt
E-mail Security.pptmaniklal123
 
R.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceR.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceSrideviM4
 

Recommended

S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
S_MIME[1].ppt
S_MIME[1].pptS_MIME[1].ppt
S_MIME[1].pptssuserec53e73
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit vArthyR3
 
M.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfM.FLORENCE DAYANA/electronic mail security.pdf
M.FLORENCE DAYANA/electronic mail security.pdfDr.Florence Dayana
 
E-mail Security in Network Security NS5
E-mail Security in Network Security NS5E-mail Security in Network Security NS5
E-mail Security in Network Security NS5koolkampus
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2Infinity Tech Solutions
 
E-mail Security.ppt
E-mail Security.pptE-mail Security.ppt
E-mail Security.pptmaniklal123
 
R.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceR.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceSrideviM4
 
R.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceR.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceDevigaR1
 
computer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.pptcomputer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.pptjayaprasanna10
 
Ch15
Ch15Ch15
Ch15Joe Christensen
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail securityDr.Florence Dayana
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5limsh
 
Email security presentation
Email security presentationEmail security presentation
Email security presentationSubhradeepMaji
 
Email security
Email securityEmail security
Email securityIndrajit Sreemany
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)Prafull Johri
 
Network security
Network securityNetwork security
Network securitySVijaylakshmi
 
crypto ppt.pptx
crypto ppt.pptxcrypto ppt.pptx
crypto ppt.pptxSrinivasRao591013
 
Email sec11
Email sec11Email sec11
Email sec11Athira Asakumar
 
Email
EmailEmail
EmailV.V.Vanniaperumal College for Women
 
network and cyber security
network and cyber securitynetwork and cyber security
network and cyber securityShruthi Reddy
 
Email security
Email securityEmail security
Email securitykumarviji
 
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...DevigaR1
 
ch22.ppt
ch22.pptch22.ppt
ch22.pptImXaib
 
Pgp
PgpPgp
PgpAbhishek Kesharwani
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail MessagesD's Surti
 
Pgp
PgpPgp
PgpAbhishek Kesharwani
 
Cn u5
Cn u5Cn u5
Cn u5Poovarasu Thirunavukkarasu
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 

More Related Content

Similar to Lec 8.pptx.pdf

R.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceR.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceDevigaR1
 
computer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.pptcomputer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.pptjayaprasanna10
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5limsh
 
Email security presentation
Email security presentationEmail security presentation
Email security presentationSubhradeepMaji
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)Prafull Johri
 
network and cyber security
network and cyber securitynetwork and cyber security
network and cyber securityShruthi Reddy
 
Email security
Email securityEmail security
Email securitykumarviji
 
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...DevigaR1
 
ch22.ppt
ch22.pptch22.ppt
ch22.pptImXaib
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail MessagesD's Surti
 

Similar to Lec 8.pptx.pdf (20)

R.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer scienceR.Deviga II-M.Sc computer science
R.Deviga II-M.Sc computer science
 
computer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.pptcomputer netwok security Pretty Good Privacy PGP.ppt
computer netwok security Pretty Good Privacy PGP.ppt
 
Ch15
Ch15Ch15
Ch15
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
BAIT1103 Chapter 5
BAIT1103 Chapter 5BAIT1103 Chapter 5
BAIT1103 Chapter 5
 
Email security presentation
Email security presentationEmail security presentation
Email security presentation
 
Email security
Email securityEmail security
Email security
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)
 
Network security
Network securityNetwork security
Network security
 
crypto ppt.pptx
crypto ppt.pptxcrypto ppt.pptx
crypto ppt.pptx
 
Email sec11
Email sec11Email sec11
Email sec11
 
Email
EmailEmail
Email
 
network and cyber security
network and cyber securitynetwork and cyber security
network and cyber security
 
Email security
Email securityEmail security
Email security
 
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
Electronic mail security R.Deviga II-M.Sc.,Computer Science,Bonsecours colle...
 
ch22.ppt
ch22.pptch22.ppt
ch22.ppt
 
Pgp
PgpPgp
Pgp
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail Messages
 
Pgp
PgpPgp
Pgp
 
Cn u5
Cn u5Cn u5
Cn u5
 

Recently uploaded

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 

Recently uploaded (20)

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 

Lec 8.pptx.pdf

  • 1. Network Security CIT 602 Lec 8 Dr. Ahmed Alwakeel Assistant Professor College of Computers and Information Technology University of Tabuk aalwakeel@ut.edu.sa
  • 2. S/MIME Secure/Multipurpose Internet Mail Extension S/MIME is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security. It appears likely that S/MIME will emerge as the industry standard for commercial and organizational use, while PGP will remain the choice for personal e-mail security for many users. we need first to have a general understanding of the underlying e-mail format that it uses, namely MIME. But to understand the significance of MIME, we need to go back to the traditional e-mail format standard, RFC 822, which is still in common use. Dr. Anas Bushnag 2
  • 3. RFC 5322 It defines a format for text messages that are sent using electronic mail. It has been the standard for Internet-based text mail messages and remains in common use. In the RFC 5322 context, messages are viewed as having an envelope and contents. The envelope contains whatever information is needed to accomplish transmission and delivery. The contents compose the object to be delivered to the recipient. Dr. Anas Bushnag 3
  • 4. RFC 5322 The RFC 5322 standard applies only to the contents. However, the content standard includes a set of header fields that may be used by the mail system to create the envelope. A message consists of some number of header lines (the header) followed by unrestricted text (the body). The header is separated from the body by a blank line. Another field that is commonly found in RFC 5322 headers is Message-ID. This field contains a unique identifier associated with this message. Dr. Anas Bushnag 4
  • 5. RFC 5322 Dr. Anas Bushnag 5
  • 6. Multipurpose Internet Mail Extensions (MIME) It is an extension to the RFC 5322 framework that is intended to address some of the problems and limitations of the use of Simple Mail Transfer Protocol (SMTP): 1. SMTP cannot transmit executable files or other binary objects. 2. SMTP cannot transmit text data that includes national language characters, because these are represented by 8-bit codes with values of 128 decimal or higher, and SMTP is limited to 7-bit ASCII. 3. SMTP servers may reject mail message over a certain size. Dr. Anas Bushnag 6
  • 7. Multipurpose Internet Mail Extensions (MIME) The MIME specification includes the following elements: 1. Five new message header fields are defined. 2. A number of content formats are defined. 3. Transfer encodings are defined that enable the conversion of any content format into a form that is protected from alteration by the mail system. Dr. Anas Bushnag 7
  • 8. Multipurpose Internet Mail Extensions (MIME) The five header fields defined in MIME are: 1. MIME-Version: Must have the parameter value 1.0. 2. Content-Type: Describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user 3. Content-Transfer-Encoding: Indicates the type of transformation that has been used to represent the body of the message in a way that is acceptable for mail transport. Dr. Anas Bushnag 8
  • 9. Multipurpose Internet Mail Extensions (MIME) 4. Content-ID: Used to identify MIME entities uniquely in multiple contexts. 5. Content-Description: A text description of the object with the body; this is useful when the object is not readable (e.g., audio data). Dr. Anas Bushnag 9
  • 10. Multipurpose Internet Mail Extensions (MIME) Dr. Anas Bushnag 10
  • 11. S/MIME S/MIME is very similar to PGP. Both offer the ability to sign and/or encrypt messages. S/MIME provides the following functions: 1. Enveloped data: This consists of encrypted content of any type and encrypted content encryption keys for one or more recipients. 2. Signed data: A digital signature is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer. The content plus signature are then encoded using base64 encoding. A signed data message can only be viewed by a recipient with S/MIME capability. Dr. Anas Bushnag 11
  • 12. S/MIME 3. Clear-signed data: As with signed data, a digital signature of the content is formed. However, in this case, only the digital signature is encoded using base64. As a result, recipients without S/MIME capability can view the message content, although they cannot verify the signature. 4. Signed and enveloped data: Signed-only and encrypted-only entities may be nested, so that encrypted data may be signed and signed data or clear-signed data may be encrypted. Dr. Anas Bushnag 12
  • 13. S/MIME To specify the requirement level: 1. MUST: An implementation must include this feature or function. 2. SHOULD: It is recommended that an implementation include the feature or function. Dr. Anas Bushnag 13
  • 15. S/MIME S/MIME secures a MIME entity with a signature, encryption, or both. The use of transfer encoding requires special attention. For most cases, the result of applying the security algorithm will be to produce an object that is partially or totally represented in arbitrary binary data. This will then be wrapped in an outer MIME message, and transfer encoding can be applied at that point, typically base64. Dr. Anas Bushnag 15