www.rainierbank.biz



MIME


See also Zip files

and WinZip

BitCom Main page

Back to Zip

Down the rabbit hole  

http://en.wikipedia.org/wiki/Binary-to-text_encoding
www.mhonarc.org/~ehood/MIME/
The following RFC's define Multipurpose Internet Mail Extensions (MIME):



RFC 2015: MIME Security with Pretty Good Privacy (PGP).
RFC 2110: MIME E-mail Encapsulation of Aggregate Documents, such as HTML (MHTML).
RFC 2111: Content-ID and Message-ID Uniform Resource Locators.
RFC 2112: The MIME Multipart/Related Content-type.

 




.wikipedia.org/wiki/Advanced_Encryption_Standard

AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware,[5] is relatively easy to implement, and requires little memory.[citation needed] Unlike its predecessor DES, AES does not use a Feistel network.

AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.

Assuming one byte equals 8 bits, the fixed block size of 128 bits is 128 ÷ 8 = 16 bytes. AES operates on a 4×4 array of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). Most AES calculations are done in a special finite field.

Archive and compression tools

ASCII

From Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/ASCII

Jump to: navigation, search
For other uses, see ASCII (disambiguation).
Not to be confused with ANSI
The 95 printable ASCII characters, numbered from 32 to 126 (decimal)

American Standard Code for Information Interchange (ASCII), pronounced /ˈæski/[1] is a character-encoding scheme based on the ordering of the English alphabet. ASCII codes represent text in computers, communications equipment, and other devices that work with text. Most modern character-encoding schemes—which support many more characters than did the original—have a historical basis in ASCII.

Historically, ASCII developed from telegraphic codes. Its first commercial use was as a seven-bit teleprinter code promoted by Bell data services. Work on ASCII formally began October 6, 1960, with the first meeting of the American Standards Association's (ASA) X3.2 subcommittee. The first edition of the standard was published in 1963,[2][3] a major revision in 1967,[4] and the most recent update in 1986.[5] Compared to earlier telegraph codes, the proposed Bell code and ASCII were both ordered for more convenient sorting (i.e., alphabetization) of lists, and added features for devices other than teleprinters.

ASCII includes definitions for 128 characters: 33 are non-printing control characters (now mostly obsolete) that affect how text is processed;[6] 94 are printable characters, and the space is considered an invisible graphic.[7] The most commonly used character encoding on the World Wide Web was US-ASCII[8] until 2008, when it was surpassed by UTF-8.

The American Standard Code for Information Interchange (ASCII) was developed under the auspices of a committee of the American Standards Association, called the X3 committee, by its X3.2 (later X3L2) subcommittee, and later by that subcommittee's X3.2.4 working group. The ASA became the United States of America Standards Institute or USASI[10] and ultimately the American National Standards Institute.

The X3.2 subcommittee designed ASCII based on earlier teleprinter encoding systems. Like other character encodings, ASCII specifies a correspondence between digital bit patterns and character symbols (i.e. graphemes and control characters). This allows digital devices to communicate with each other and to process, store, and communicate character-oriented information such as written language. Before ASCII was developed, the encodings in use included 26 alphabetic characters, 10 numerical digits, and from 11 to 25 special graphic symbols. To include all these, and control characters compatible with the Comité Consultatif International Téléphonique et Télégraphique standard, Fieldata, and early EBCDIC, more than 64 codes were required in ASCII.

The committee debated the possibility of a shift key function (like the Baudot code), which would allow more than 64 codes to be represented by six bits. In a shifted code, some character codes determine choices between options for the following character codes. It allows compact encoding, but is less reliable for data transmission; an error in transmitting the shift code typically makes a long part of the transmission unreadable. The standards committee decided against shifting, and so ASCII required at least a seven-bit code.[11]

The committee considered an eight-bit code, since eight bits would allow two four-bit patterns to efficiently encode two digits with binary coded decimal. (However it would require all data transmission to send eight bits when seven could suffice.) The committee voted to use a seven-bit code to minimize costs associated with data transmission. Since perforated tape at the time could record eight bits in one position, it also allowed for a parity bit for error checking if desired.[12] Machines with octets as the native data type that did not use parity checking typically set the eighth bit to 0.[13]

Microsoft has effectively 'patented' ASCII, since it holds copyright over the upper memory device drivers and software which accesses 'virtual memory, or Extended memory on the intel chip, even though the extended memory is no longer called the Microsoft Virtual machine controlled by the LIMs (Lotus/intel/Microsoft) agreement, the virtual machine continues to exist and is now called as the 'Java Virtual Machine' with an estimated four billion instalations worldwide.

Although the JVM was primarily aimed at running compiled Java programs, other languages can now run on top of it[1], such as:


Bob and Alice; placeholder names 

Alice_and_Bob  
List of characters   #List_of_characters

The names Alice and Bob are commonly used placeholder names for archetypal characters in fields such as cryptography and physics. The names are used for convenience, since explanations such as "Person A wants to send a message to person B" can be difficult to follow in complex systems involving many steps. Following the alphabet, the specific names have evolved into common parlance within these fields — helping technical topics to be explained in a more understandable fashion.

In cryptography and computer security, there are a number of widely-used names for the participants in discussions and presentations about various protocols. The names are conventional, somewhat self-suggestive, sometimes humorous, and effectively act as metasyntactic variables.

In typical implementations of these protocols, it is understood that the actions attributed to characters such as Alice or Bob would not normally be carried out by human parties directly, but rather by a trusted automated agent (such as a computer program) on their behalf.


 

Original reference: http://www.mhonarc.org/~ehood/MIME/rfc2015.txt
"Zimmermann", see Zimmermann (disambiguation).
Phil Zimmermann

Philip R. "Phil" Zimmermann Jr. (born February 12, 1954) is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world[citation needed]. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone.

He was born in Camden, New Jersey. His father was a concrete mixer truck driver. Zimmermann received a B.S. degree in computer science from Florida Atlantic University in Boca Raton in 1978, and currently lives in the San Francisco Bay Area.


After a report from RSA Data Security, Inc., who were in a licensing dispute with regard to use of the RSA algorithm in PGP, the Customs Service started a criminal investigation of Zimmermann, for allegedly violating the Arms Export Control Act. The US Government had long regarded cryptographic software as a munition, and thus subject to arms trafficking export controls. At that time, the boundary between permitted ("low strength") cryptography and impermissible ("high strength") cryptography placed PGP well on the too-strong-to-export side (this boundary has since been relaxed). The investigation lasted three years, but was finally dropped without filing charges.
After the government dropped its case without indictment in early 1996, Zimmermann founded PGP Inc. and released an updated version of PGP and some additional related products. That company was acquired by Network Associates (NAI) in December 1997, and Zimmermann stayed on for three years as a Senior Fellow. NAI decided to drop the product line and in 2002, PGP was acquired from NAI by a new company called PGP Corporation. Zimmermann now serves as a special advisor and consultant to that firm. Zimmermann is also a fellow at the Stanford Law School's Center for Internet and Society. He was a principal designer of the cryptographic key agreement protocol (the "association model") for the Wireless USB standard.
TITLE DEED
McAfee

zenobank.com/index.php?symbol
http://www.mcafee.com/us/
The company was founded in 1987 as McAfee Associates, named for its founder John McAfee. Network Associates was formed in 1997 as a merger of McAfee Associates and Network General. In 2004, a major restructuring occurred. In the spring, the company sold its Magic Solutions business to Remedy, a subsidiary of BMC Software. In the summer of 2004, the company sold the Sniffer Technologies business to a venture capital backed firm named 'Network General' - the same name as the original owner of Sniffer Technologies. Also, the company changed its name back to McAfee to reflect its focus on security-related technologies.
On September 22, 2008, McAfee announced its intention to acquire Secure Computing. The combined company will form the world's largest dedicated security company.

McAfee formerly had naming rights to the then-named McAfee Coliseum, home of the Oakland Athletics baseball team in Oakland, California from 1997-2008.

 

Secure Computing Corporation, or SCC, was a public company (NASDAQSCUR

 
) that developed and sold computer security appliances and hosted services to protect users and data. McAfee acquired the company in 2008.

The company also developed filtering systems used by governments such as Iran and Saudi Arabia that blocked their citizens from accessing information on the Internet.[1][2]

JavaScript programming language 

http://en.wikipedia.org/wiki/JavaScript
http://en.wikipedia.org/wiki/Category:JavaScript_programming_language

JavaScript is a scripting language used to enable programmatic access to objects within other applications. It is primarily used in the form of client-side JavaScript for the development of dynamic websites. JavaScript is a dialect of the ECMAScript standard and is characterized as a dynamic, weakly typed, prototype-based language with first-class functions. JavaScript was influenced by many languages and was designed to look like Java, but to be easier for non-programmers to work with.[1][2]


C programming language   

http://en.wikipedia.org/wiki/C_(programming_language)

C is a general-purpose computer programming language developed in 1972 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system.[2]

Although C was designed for implementing system software,[3] it is also widely used for developing portable application software.[citation needed]

C is one of the most popular programming languages.[4][5] It is widely used on many different software platforms, and there are few computer architectures for which a C compiler does not exist. C has greatly influenced many other popular programming languages, most notably C++, which originally began as an extension to C.

Dennis MacAlistair Ritchie

Dennis Ritchie (right) with Ken Thompson
Born September 9, 1941 (1941-09-09) (age 67)
Bronxville, New York
Fields Computer Science
Institutions Lucent Technologies
Bell Labs
Known for ALTRAN
B
BCPL
C
Multics
Unix
Notable awards Turing Award
National Medal of Technology

Dennis MacAlistair Ritchie (username: dmr, born September 9, 1941) is an American computer scientist notable for his influence on C and other programming languages, and on operating systems such as Multics and Unix. He received the Turing Award in 1983 and the National Medal of Technology in 1998. Ritchie was the head of Lucent Technologies System Software Research Department when he retired in 2007.

RSA
EMC Corporation (NYSEEMC
 
) is a U.S. Fortune 500 and S&P 500 provider of information infrastructure systems, software and services. It is headquartered in Hopkinton, Massachusetts, USA. Its flagship product, the Symmetrix, is the foundation of storage networks in many large data centers.On June 29, 2006, EMC announced that it was buying security software company RSA Security, Inc., adding Information Security to its lineup of storage products.


On April 8, 2008, EMC announced that it was buying Iomega Corporation, Inc., initially made famous by its line of Zip and Jaz external mass storage devices, but with the advent of flash drives and writeable CD-ROMs, saw its sales plummet.[6] EMC is using the Iomega purchase to move into the Retail and SOHO space, an area where it traditionally had little penetration.[7] Iomega's sales channels and brand recognition will be a tremendous asset to EMC. Iomega had already been packaging their eGo line of portable hard drives with EMC Retrospect backup software, a product EMC acquired through its purchase of Dantz Corporation in 2004.



Network Working Group                                          M. Elkins
Request for Comments: 2015                     The Aerospace Corporation
Category: Standards Track                                   October 1996


              MIME Security with Pretty Good Privacy (PGP)

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   This document describes how Pretty Good Privacy (PGP) can be used to
   provide privacy and authentication using the Multipurpose Internet
   Mail Extensions (MIME) security content types described in RFC1847.
1.  Introduction

   Previous work on integrating PGP with MIME (including the since
   withdrawn application/pgp content type) has suffered from a number of
   problems, the most significant of which is the inability to recover
   signed message bodies without parsing data structures specific to
   PGP.  This work makes use of the elegant solution proposed in
   RFC1847, which defines security multipart formats for MIME. The
   security multiparts clearly separate the signed message body from the
   signature, and have a number of other desirable properties. This
   document is styled after RFC 1848, which defines MIME Object Security
   Services (MOSS) for providing security and authentication.

   This document defines three new content types for implementing
   security and privacy with PGP: application/pgp-encrypted,
   application/pgp-signature and application/pgp-keys.

1.1  Compliance

   In order for an implementation to be compliant with this
   specification, is it absolutely necessary for it to obey all items
   labeled as MUST or REQUIRED.
Elkins                      Standards Track                     [Page 1]

RFC 2015                 MIME Security with PGP             October 1996


2.  PGP data formats

   PGP can generate either ASCII armor (described in [3]) or 8-bit
   binary output when encrypting data, generating a digital signature,
   or extracting public key data.  The ASCII armor output is the
   REQUIRED method for data transfer.  This allows those users who do
   not have the means to interpret the formats described in this
   document to be able extract and use the PGP information in the
   message.

   When the amount of data to be transmitted requires that it be sent in
   many parts, the MIME message/partial mechanism should be used rather
   than the multipart ASCII armor PGP format.

3.  Content-Transfer-Encoding restrictions

   Multipart/signed and multipart/encrypted are to be treated by agents
   as opaque, meaning that the data is not to be altered in any way [1].
   However, many existing mail gateways will detect if the next hop does
   not support MIME or 8-bit data and perform conversion to either
   Quoted-Printable or Base64.  This presents serious problems for
   multipart/signed, in particular, where the signature is invalidated
   when such an operation occurs.  For this reason all data signed
   according to this protocol MUST be constrained to 7 bits (8- bit data
   should be encoded using either Quoted-Printable or Base64).  Note
   that this also includes the case where a signed object is also
   encrypted (see section 6).  This restriction will increase the
   likelihood that the signature will be valid upon receipt.

   Data that is ONLY to be encrypted is allowed to contain 8-bit
   characters and therefore need not be converted to a 7-bit format.

     Implementor's note: It cannot be stressed enough that applications
     using this standard should follow MIME's suggestion that you "be
     conservative in what you generate, and liberal in what you accept."
     In this particular case it means it would be wise for an
     implementation to accept messages with any content-transfer-
     encoding, but restrict generation to the 7-bit format required by
     this memo.  This will allow future compatibility in the event the
     Internet SMTP framework becomes 8-bit friendly.

4.  PGP encrypted data

   Before encryption with PGP, the data should be written in MIME
   canonical format (body and headers).

   PGP encrypted data is denoted by the "multipart/encrypted" content
   type, described in [1], and MUST have a "protocol" parameter value of



Elkins                      Standards Track                     [Page 2]

RFC 2015                 MIME Security with PGP             October 1996


   "application/pgp-encrypted".  Note that the value of the parameter
   MUST be enclosed in quotes.

   The multipart/encrypted MUST consist of exactly two parts.  The first
   MIME body part must have a content type of "application/pgp-
   encrypted".  This body contains the control information.  A message
   complying with this standard MUST contain a "Version: 1" field in
   this body.  Since the PGP packet format contains all other
   information necessary for decrypting, no other information is
   required here.

   The second MIME body part MUST contain the actual encrypted data.  It
   must be labeled with a content type of "application/octet- stream".

   Example message:

     From: Michael Elkins <elkins@aero.org>
     To: Michael Elkins <elkins@aero.org>
     Mime-Version: 1.0
     Content-Type: multipart/encrypted; boundary=foo;
        protocol="application/pgp-encrypted"

     --foo
     Content-Type: application/pgp-encrypted

     Version: 1

     --foo
     Content-Type: application/octet-stream

     -----BEGIN PGP MESSAGE-----
     Version: 2.6.2

     hIwDY32hYGCE8MkBA/wOu7d45aUxF4Q0RKJprD3v5Z9K1YcRJ2fve87lMlDlx4Oj
     eW4GDdBfLbJE7VUpp13N19GL8e/AqbyyjHH4aS0YoTk10QQ9nnRvjY8nZL3MPXSZ
     g9VGQxFeGqzykzmykU6A26MSMexR4ApeeON6xzZWfo+0yOqAq6lb46wsvldZ96YA
     AABH78hyX7YX4uT1tNCWEIIBoqqvCeIMpp7UQ2IzBrXg6GtukS8NxbukLeamqVW3
     1yt21DYOjuLzcMNe/JNsD9vDVCvOOG3OCi8=
     =zzaA
     -----END PGP MESSAGE-----

     --foo--

5.  PGP signed data

   PGP signed messages are denoted by the "multipart/signed" content
   type, described in [1], with a "protocol" parameter which MUST have a
   value of "application/pgp-signature" (MUST be quoted).  The "micalg"



Elkins                      Standards Track                     [Page 3]

RFC 2015                 MIME Security with PGP             October 1996


   parameter MUST have a value of "pgp-<hash-symbol>", where <hash-
   symbol> identifies the message integrity check (MIC) used to generate
   the signature.  The currently defined values for <hash-symbol> are
   "md5" for the MD5 checksum, and "sha1" for the SHA.1 algorithm.

   The multipart/signed body MUST consist of exactly two parts.  The
   first part contains the signed data in MIME canonical format,
   including a set of appropriate content headers describing the data.

   The second body MUST contain the PGP digital signature.  It MUST be
   labeled with a content type of "application/pgp-signature".

   When the PGP digital signature is generated:

   (1)  The data to be signed must first be converted to its
        type/subtype specific canonical form.  For text/plain, this
        means conversion to an appropriate character set and conversion
        of line endings to the canonical <CR><LF> sequence.

   (2)  An appropriate Content-Transfer-Encoding is then applied. Each
        line of the encoded data MUST end with the canonical <CR><LF>
        sequence.

   (3)  MIME content headers are then added to the body, each ending
        with the canonical <CR><LF> sequence.

   (4)  As described in [1], the digital signature MUST be calculated
        over both the data to be signed and its set of content headers.

   (5)  The signature MUST be generated detached from the signed data
        so that the process does not alter the signed data in any way.

   Example message:

     From: Michael Elkins <elkins@aero.org>
     To: Michael Elkins <elkins@aero.org>
     Mime-Version: 1.0
     Content-Type: multipart/signed; boundary=bar; micalg=pgp-md5;
     protocol="application/pgp-signature"

     --bar
     & Content-Type: text/plain; charset=iso-8859-1
     & Content-Transfer-Encoding: quoted-printable
     &
     & =A1Hola!
     &
     & Did you know that talking to yourself is a sign of senility?
     &



Elkins                      Standards Track                     [Page 4]

RFC 2015                 MIME Security with PGP             October 1996


     & It's generally a good idea to encode lines that begin with
     & From=20because some mail transport agents will insert a greater-
     & than (>) sign, thus invalidating the signature.
     &
     & Also, in some cases it might be desirable to encode any   =20
     &railing whitespace that occurs on lines in order to ensure  =20
     & that the message signature is not invalidated when passing =20
     & a gateway that modifies such whitespace (like BITNET). =20
     &
     & me

     --bar
     Content-Type: application/pgp-signature

    -----BEGIN PGP MESSAGE-----
   Version: 2.6.2

   iQCVAwUBMJrRF2N9oWBghPDJAQE9UQQAtl7LuRVndBjrk4EqYBIb3h5QXIX/LC//
   jJV5bNvkZIGPIcEmI5iFd9boEgvpirHtIREEqLQRkYNoBActFBZmh9GC3C041WGq
   uMbrbxc+nIs1TIKlA08rVi9ig/2Yh7LFrK5Ein57U/W72vgSxLhe/zhdfolT9Brn
   HOxEa44b+EI=
   =ndaj
   -----END PGP MESSAGE-----

   --bar--

   The "&"s in the previous example indicate the portion of the data
   over which the signature was calculated.

   Though not required, it is generally a good idea to use Quoted-
   Printable encoding in the first step (writing out the data to be
   signed in MIME canonical format) if any of the lines in the data
   begin with "From ", and encode the "F".  This will avoid an MTA
   inserting a ">" in front of the line, thus invalidating the
   signature!

   Upon receipt of a signed message, an application MUST:

   (1)  Convert line endings to the canonical <CR><LF> sequence before
        the signature can be verified.  This is necessary since the
        local MTA may have converted to a local end of line convention.

   (2)  Pass both the signed data and its associated content headers
        along with the PGP signature to the signature verification
        service.






Elkins                      Standards Track                     [Page 5]

RFC 2015                 MIME Security with PGP             October 1996


6.  Encrypted and Signed Data

   Sometimes it is desirable to both digitally sign and then encrypt a
   message to be sent.  This protocol allows for two methods of
   accomplishing this task.

6.1  RFC1847 Encapsulation

   [1], it is stated that the data should first be signed as a
   multipart/signature body, and then encrypted to form the final
   multipart/encrypted body, i.e.,

    Content-Type: multipart/encrypted;
       protocol="application/pgp-encrypted"; boundary=foo

    --foo
    Content-Type: application/pgp-encrypted

    Version: 1

    --foo
    Content-Type: application/octet-stream

    -----BEGIN PGP MESSAGE-----
    & Content-Type: multipart/signed; micalg=pgp-md5
    &     protocol="application/pgp-signature"; boundary=bar
    &
    & --bar
    & Content-Type: text/plain; charset=us-ascii
    &
    & This message was first signed, and then encrypted.
    &
    & --bar
    & Content-Type: application/pgp-signature
    &
    & -----BEGIN PGP MESSAGE-----
    & Version: 2.6.2
    &
    & iQCVAwUBMJrRF2N9oWBghPDJAQE9UQQAtl7LuRVndBjrk4EqYBIb3h5QXIX/LC//
    & jJV5bNvkZIGPIcEmI5iFd9boEgvpirHtIREEqLQRkYNoBActFBZmh9GC3C041WGq
    & uMbrbxc+nIs1TIKlA08rVi9ig/2Yh7LFrK5Ein57U/W72vgSxLhe/zhdfolT9Brn
    & HOxEa44b+EI=
    & =ndaj
    & -----END PGP MESSAGE-----
    &
    & --bar--
    -----END PGP MESSAGE-----




Elkins                      Standards Track                     [Page 6]

RFC 2015                 MIME Security with PGP             October 1996


    --foo--

    (The text preceded by '&' indicates that it is really
    encrypted, but presented as text for clarity.)

6.2  Combined method

   Versions 2.x of PGP also allow data to be signed and encrypted in one
   operation.  This method is an acceptable shortcut, and has the
   benefit of less overhead.  The resulting data should be formed as a
   "multipart/encrypted" object as described above.

   Messages which are encrypted and signed in this combined fashion are
   REQUIRED to follow the same canonicalization rules as for
   multipart/signed objects.

   It is explicitly allowed for an agent to decrypt a combined message
   and rewrite it as a multipart/signed object using the signature data
   embedded in the encrypted version.

7.  Distribution of PGP public keys

   Content-Type: application/pgp-keys
   Required parameters: none
   Optional parameters: none

   This is the content type which should be used for relaying public key
   blocks.

8.  Notes

   PGP and Pretty Good Privacy are trademarks of Philip Zimmermann.

9.  Security Considerations

   Use of this protocol has the same security considerations as PGP, and
   is not known to either increase or decrease the security of messages
   using it; see [3] for more information.

10.  Author's Address

        Michael Elkins
        P.O. Box 92957 - M1/102
        Los Angeles, CA 90009-2957

        Phone: +1 310 336 8040
        Fax: +1 310 336 4402




Elkins                      Standards Track                     [Page 7]

RFC 2015                 MIME Security with PGP             October 1996


References

   [1]  Galvin, J., Murphy, G., Crocker, S., and N. Freed, "Security
        Multiparts for MIME: Multipart/Signed and Multipart/Encrypted",
        RFC 1847, October 1995.

   [2]  Galvin, J., Murphy, G., Crocker, S., and N. Freed, "MIME Object
        Security Services", RFC 1848, October 1995.

   [3]  Atkins, D., Stallings, W., and P. Zimmermann, "PGP Message
        Exchange Formats", RFC 1991, August 1996.


 

Make a free website with Yola