Professional Documents
Culture Documents
Simple Mail Transfer • Used for transfer of mail from a user agent to a
Protocol (SMTP) MTA and from one MTA to another
States
• Authentication state
• Transaction state
• Update state
Defined by RFC 3501
Provides more functionality to users than the
POP model
Clients can have multiple remote mailboxes from
which messages can be retrieved
Clients can specify criteria for downloading
messages
Always keeps messages on the server and
replicates copies to the clients
Allows clients to make changes when
connected and when disconnected
Table can be found on page 292 in text
Transaction oriented client/server protocol
Most typical use is between a Web browser and
a Web server
Makes use of TCP to provide reliability
Is a stateless protocol
Each transaction is treated independently
Flexible in the formats that it can handle
Web servers are relatively
The Web is vulnerable to
easy to configure and
attacks on the Web
manage but the
servers over the Internet
underlying software is
Reputations can be extraordinarily complex
damaged and money can and may hide potential
be lost if the Web servers security flaws
are subverted
Users are not necessarily
A Web server can be aware of the security risks
exploited as a launching that exist and do not have
pad into the corporation’s the tools or knowledge to
or agency’s entire take effective
computer complex countermeasures
Confidentiality
All data that pass between the two applications are
encrypted so that they cannot be eavesdropped on
the Internet
Message integrity
SSL assures that the message is not altered or
substituted for en route
Authentication
SSL can validate the identity of one
or both partners to the exchange
Combination of HTTP and SSL to implement secure
communication between a Web browser and a Web server