ELECTRONIC MAIL SECURITY
o Pretty Good Privacy
· Operational Description Cryptographic Keys and Key Rings Public-Key Management
· RFC 5322
· Multipurpose Internet Mail Extensions S/MIME Functionality
· S/MIME Messages
· S/MIME Certificate Processing Enhanced Security Services
o DomainKeys Identified Mail
· Internet Mail Architecture E-mail Threats
· DKIM Strategy
· DKIM Functional Flow
◆ PGP is an open-source, freely available software package for e-mail secu- rity. It provides authentication through the use of digital signature, confidentiality through the use of symmetric block encryption, compression using the ZIP algorithm, and e-mail compatibility using the radix-64 encoding scheme.
◆ PGP incorporates tools for developing a public-key trust model and public-key certificate management.
◆ S/MIME is an Internet standard approach to e-mail security that incorporates the same functionality as PGP.
◆ DKIM is a specification used by e-mail providers for cryptographically signing e-mail messages on behalf of the source domain.
In virtually all distributed environments, electronic mail is the most heavily used network-based application. Users expect to be able to, and do, send e-mail to others who are connected directly or indirectly to the Internet, regardless of host operating system or communications suite. With the explo- sively growing reliance on e-mail, there grows a demand for authentication and confidentiality services. Two schemes stand out as approaches that enjoy widespread use: Pretty Good Privacy (PGP) and S/MIME. Both are examined in this chapter. The chapter closes with a discussion of DomainKeys Identified Mail.