Deck 8: Electronic Mail Security

The objective of MIME Transfer Encodings is to provide reliable delivery across the largest range of environments.

E-mail is the most common distributed application that is widely used across all architectures and vendor platforms.

The MIME-Version field must have the parameter value 1.0 in order for the message to conform to RFCs 2045 and 2046.

PGP has a very rigid public-key management scheme.

The key legitimacy field is derived from the collection of signature trust fields in the entry.

For the text type of body no special software is required to get the full meaning of the text aside from support of the indicated character set.

To enhance security an encrypted message is not accompanied by an encrypted form of the session key that was used for message encryption.

Native form is a format, appropriate to the content type, that is standardized for use between systems.

A message component includes the actual data to be stored or transmitted as well as a filename and a timestamp that specifies the time of creation.

PGP provides confidentiality through the use of asymmetric block encryption.

PGP incorporates tools for developing public-key certificate management and a public-key trust model.

As a default, PGP compresses the message after applying the signature but before encryption.

Only single user IDs may be associated with a single public key on the public-key ring.

Each PGP entity must maintain a file of its own public/private key pairs as well as a file of private keys of correspondents.

PGP makes use of four types of keys: public keys, private keys, one-time session keys, and ___________ symmetric keys.

PGP provides compression using the __________ algorithm.

The key legitimacy field, the signature trust field and the owner trust field are each contained in a structure referred to as a ___________ .

Computed by PGP, a _________ field indicates the extent to which PGP will trust that this is a valid public key for this user; the higher the level of trust, the stronger the binding of this user ID to this key.

To provide transparency for e-mail applications, an encrypted message may be converted to an ASCII string using _________ conversion.

The _________ type refers to other kinds of data, typically either uninterpreted binary data or information to be processed by a mail-based application.

The __________ MIME field describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner.

__________ is a security enhancement to the MIME Internet e-mail format standard based on technology from RSA Data Security.

The _________ transfer encoding is useful when the data consists largely of octets that correspond to printable ASCII characters.

___________ is an open-source, freely available software package for e-mail security.

S/MIME provides the following functions: enveloped data, signed data, clear signed data, and ________ .

A specification for cryptographically signing e-mail messages permitting a signing domain to claim responsibility for a message in the mail stream, _________ allow message recipients to verify the signature by querying the signer's domain directly to retrieve the appropriate public key and thereby confirming that the message was attested to by a party in possession of the private key for the signing domain.

A _________ is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer, which is then encoded using base64 encoding.

The _________ transfer encoding, also known as radix-64 encoding, is a common one for encoding arbitrary binary data in such a way as to be invulnerable to the processing by mail-transport programs.

The __________ is a directory lookup service that provides a mapping between the name of a host on the Internet and its numerical address.