Application layer -- May 2004
Computer Networks: Application layer

Dec 28, 2015

Transcript

Page 1

Computer Networks

Application layer

Page 2

Overview
o DNS -- Domain Name System
o E-mail
o Terminal Access: TELNET

Page 3

Domain names

IP addresses are not user friendly; readable names are. Compare:

telnet 134.58.42.36
telnet nix.cs.kuleuven.ac.be

Overview
o Definition of Internet domain names
o Translating domain names into IP addresses

Page 4

Domain names: Internet domain names

o Hierarchical structure, read from right to left, e.g. nix.cs.kuleuven.ac.be:
  • be: country code (Belgium)
  • ac: academic (university)
  • kuleuven: K.U.Leuven
  • cs: dept. Computer Science
  • nix: name of the computer system

Page 5

Domain names: 3 groups of Top Level Domains (TLD)

o 2-letter country codes (ISO 3166)
o generic names (similar organisations)
  • com: commercial organisations
  • org: non-commercial organisations (e.g. a vzw, a Belgian non-profit association)
  • int: international organisations (NATO, EU, ...)
  • net: companies offering network services
  • NEW: name, biz, info, ...
o names of organisations within the USA
  • edu: universities
  • gov: US government
  • mil: US military

Page 6

Domain names: view of the Internet domain name space

[figure: tree of the domain name space]

Page 7

Domain names: each TLD has

o an administrator (assigns names within the domain)
o "be":
  • until Jan. 2000: dept. Computer Science
  • now: vzw DNS BE (ISPA, Agoria, Beltug)

Each organisation with a domain name:
o creates new names within its domain
o e.g. kuleuven.ac.be and kulak.ac.be

Hierarchical name structure + delegation = workable structure

Page 8

Translating domain names: the database

o not centralised (bottleneck!)
o name server: translates domain name → IP address
o hierarchy of name servers

For each domain (zone) a separate (primary) name server:
o Zone = subtree of the name space tree
o Primary name server: gets its info from a zone file on disk

Page 9

Domain names: Internet domain names <> zones

[figure: the name space tree partitioned into zones]

Page 10

Translating domain names: name server of cs.kuleuven.ac.be

Systems/subdomains of cs.kuleuven.ac.be   type   IP address
nix                                       A      134.58.42.36
idefix                                    A      134.58.41.7
droopy                                    A      134.58.41.10
stevin                                    A      134.58.41.16
...

A = Address

Page 11

Translating domain names: name server of kuleuven.ac.be

Machines/subdomains of kuleuven.ac.be   type   IP address
cs                                      NS     134.58.39.1
esat                                    NS     ...
www                                     A      ...
...

NS = Name Server (the table shows the address of the cs name server for brevity; an NS record itself carries the server's name, and its address comes from a separate A record, see page 13)

Page 12

Translating domain names: resource records

Field          Meaning
Domain_Name    Name to which the record applies
Time_to_live   Indicates how stable the record is (how long it may be cached, in seconds)
Class          IN for Internet; ...
Type           Kind of record
Value          Value appropriate for the type

Page 13

Translating domain names: principal DNS resource record types

Type    Meaning              Value
SOA     Start of authority   Parameters for this zone
A       IP address of host   32-bit integer
NS      Name server          Name of a name server for this domain
MX      Mail exchange        Priority, domain willing to accept e-mail
CNAME   Canonical name       Domain name
PTR     Pointer              Alias for an IP address (reverse mapping, address → name)
HINFO   Host description     CPU and OS in ASCII
TXT     Text                 Uninterpreted ASCII text

Page 14

Translating domain names: part of the DNS database for cs.kuleuven.ac.be

; Authoritative data for cs.kuleuven.ac.be
;
$TTL 86400 ; default TTL = 1 day
@ IN SOA dns.cs.kuleuven.ac.be. postmaster.cs.kuleuven.ac.be. (
        2002042601 ; serial
        10800      ; refresh (3h)
        1800       ; retry (30m)
        3600000    ; expire (>5w)
        86400 )    ; default (1d)
;
;

Page 15

Translating domain names: part of the DNS database for cs.kuleuven.ac.be (cont.)

; General info for zone CS.KULEUVEN.AC.BE
        NS  snoopy.cs.kuleuven.ac.be.
        NS  dns.cs.kuleuven.ac.be.
        NS  ns1.kulnet.kuleuven.ac.be.
        NS  ns.be.ubizen.com.
        NS  secdns.eunet.be.
; dns.cs.kuleuven.ac.be is used as secondary for be. and others
dns     A   134.58.40.4
; general MX records
cs.kuleuven.ac.be.      MX 20   mailrelay.cs.kuleuven.ac.be.
                        MX 100  mail.cc.kuleuven.ac.be.
st.cs.kuleuven.ac.be.   MX 10   st.cs.kuleuven.ac.be.
                        MX 20   mailrelay.cs.kuleuven.ac.be.
                        MX 100  mail.cc.kuleuven.ac.be.

Page 16

Translating domain names: part of the DNS database for cs.kuleuven.ac.be (cont.)

calendar          CNAME  billie.cs.kuleuven.ac.be.
ssh       3600    CNAME  billie.cs.kuleuven.ac.be.
lp-kleur          CNAME  delphi.cs.kuleuven.ac.be.
lp-wit            CNAME  medusa.cs.kuleuven.ac.be.
; CNAMEs do not work for MXs: a name that has MX records may not be a CNAME, so ftp gets an A record instead
;ftp      3600    CNAME  arachne.cs.kuleuven.ac.be.
ftp       1800    A      134.58.40.10
                  MX 18  mail.cs.kuleuven.ac.be.
                  MX 20  mailrelay.cs.kuleuven.ac.be.
; HINFO Sparc Solaris

(The HINFO lines in this zone are kept as comments only: publishing CPU and OS details in DNS hands reconnaissance data to anyone who asks.)

Page 17

Translating domain names: part of the DNS database for cs.kuleuven.ac.be (cont.)

; our switch/router/firewall/ntp-server
;
lswitch-cw   A      134.58.250.50
             A      134.58.39.254
             A      134.58.41.254
             A      134.58.42.254
             A      134.58.43.254
             A      134.58.44.245
             A      134.58.45.254
             A      134.58.46.254
             MX 18  mail.cs.kuleuven.ac.be.
             MX 20  mailrelay.cs.kuleuven.ac.be.
             RP     hostmaster contact.cs.kuleuven.ac.be.
;

RP = Responsible Person (mailbox of the contact, followed by the name of a TXT record with further details)

Page 18

Translating domain names: part of the DNS database for cs.kuleuven.ac.be (cont.)

snoopy   A      134.58.41.8
         A      134.58.42.3
         A      134.58.43.4
         A      134.58.45.1
         A      134.58.46.63
         A      134.58.39.1
         MX 10  snoopy.cs.kuleuven.ac.be.
         MX 18  mail.cs.kuleuven.ac.be.
         MX 20  mailrelay.cs.kuleuven.ac.be.
; HINFO SunULTRA2Server Solaris

(snoopy is multi-homed, one address per subnet; 134.58.39.1 is the address listed for the cs name server on page 11)

Page 19

Translating domain names: part of the DNS database for cs.kuleuven.ac.be (cont.)

panoramix   A      134.58.45.66
            MX 10  panoramix.cs.kuleuven.ac.be.
            MX 18  mail.cs.kuleuven.ac.be.
            MX 20  mailrelay.cs.kuleuven.ac.be.
            RP     pv contact.cs.kuleuven.ac.be.
; HINFO i86 Linux

ubiz        A      134.58.39.91
            MX 18  mail.cs.kuleuven.ac.be.
            MX 20  mailrelay.cs.kuleuven.ac.be.
            RP     pv contact.cs.kuleuven.ac.be.
; HINFO IBM_ThinkPad Windows2000

Page 20

Translating domain names: part of the DNS database for .be

$ORIGIN .
$TTL 86400 ; 1 day
be IN SOA master.ns.dns.be. tech.dns.be. (
        2002052301 ; serial
        3600       ; refresh (1 hour)
        1800       ; retry (30 minutes)
        3600000    ; expire (5 weeks 6 days 16 hours)
        600        ; minimum (10 minutes)
        )
        NS dns.cs.kuleuven.ac.be.
        NS master.ns.dns.be.
        NS woluwe.ns.dns.be.
        NS hasselt.ns.dns.be.
        NS vilvoorde.ns.dns.be.

Page 21

Translating domain names: part of the DNS database for .be (cont.)

$ORIGIN be.
007         NS ns3.asp
            NS ns4.asp
ac          NS ns.belnet
            NS ns1.surfnet.nl.
            NS ns3.belnet
$ORIGIN ac.be.
dns.cs.kuleuven   A 134.58.40.4
$ORIGIN be.
huens       NS ns.be.ubizen.com.
            NS dns.cs.kuleuven.ac
verbaeten   NS ns.yournamehosting.com.
            NS ns.yournamewebhosting.com.

(Names without a trailing dot are relative to the current $ORIGIN: ns.belnet here means ns.belnet.be., and the A record for dns.cs.kuleuven under $ORIGIN ac.be. is the "glue" the parent zone needs because that name server lives inside the zone it is delegated.)
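The zone excerpts on pages 14 to 21 use the master-file syntax of RFC 1035: $ORIGIN and $TTL directives, @ for the origin, a blank owner field meaning "same owner as the previous record", relative names completed with the current origin, an optional TTL and class, and a parenthesised multi-line SOA. The parser below is an added example and not code from the slides; its input is a constructed excerpt modelled on the cs.kuleuven.ac.be and .be data above (the records are reduced, not the real zones). It also performs the check that the page-16 comment hints at: an MX target must not be a CNAME.

```python
NAME_RDATA = {"NS", "CNAME", "MX", "PTR", "SOA", "RP"}   # types whose rdata holds domain names


def qualify(name, origin):
    """Turn a relative name into a fully qualified one using the current $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name                                   # already absolute
    return name + "." if origin == "." else f"{name}.{origin}"


def parse_zone(text, origin="."):
    """Parse a zone excerpt into (owner, ttl, type, rdata) tuples."""
    default_ttl, last_owner, records = None, None, []
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # ';' starts a comment
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")    # '(' ... ')' joins several lines (SOA)
        buf = f"{buf} {line}" if buf else line
        if depth > 0:
            continue
        line, buf = buf, ""
        blank_owner = line[0] in " \t"                # leading blank = repeat the previous owner
        tokens = line.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        owner = last_owner if blank_owner else qualify(tokens.pop(0), origin)
        if not tokens:
            raise ValueError(f"record without type: {line!r}")
        ttl = default_ttl
        if tokens[0].isdigit():                        # optional explicit TTL
            ttl = int(tokens.pop(0))
        if tokens[0].upper() == "IN":                  # optional class
            tokens.pop(0)
        if tokens[0].isdigit():                        # the TTL may also follow the class
            ttl = int(tokens.pop(0))
        rtype = tokens.pop(0).upper()
        if rtype in NAME_RDATA:                        # complete relative names in the rdata
            tokens = [t if t.isdigit() else qualify(t, origin) for t in tokens]
        records.append((owner, ttl, rtype, " ".join(tokens)))
        last_owner = owner
    return records


def mx_targets_that_are_cnames(records):
    """'CNAMEs do not work for MXs': report MX records whose target is a CNAME in this zone."""
    cnames = {owner for owner, _, rtype, _ in records if rtype == "CNAME"}
    return [(owner, rdata.split()[1]) for owner, _, rtype, rdata in records
            if rtype == "MX" and rdata.split()[1] in cnames]


# Constructed excerpt modelled on pages 14-16 (not the real zone).
CS_ZONE = """\
$TTL 86400 ; default TTL = 1 day
@ IN SOA dns.cs.kuleuven.ac.be. postmaster.cs.kuleuven.ac.be. (
        2002042601 ; serial
        10800      ; refresh (3h)
        1800       ; retry (30m)
        3600000    ; expire (>5w)
        86400 )    ; default (1d)
        NS  dns.cs.kuleuven.ac.be.
dns     A   134.58.40.4
        MX  20 mailrelay
ssh     3600 CNAME billie
ftp     1800 A 134.58.40.10
        MX  18 mail
www     MX  10 ssh          ; mistake: ssh is a CNAME
"""

# Constructed excerpt modelled on pages 20-21: $ORIGIN switches and a glue A record.
BE_ZONE = """\
$ORIGIN .
$TTL 86400
be IN SOA master.ns.dns.be. tech.dns.be. ( 2002052301 3600 1800 3600000 600 )
        NS dns.cs.kuleuven.ac.be.
$ORIGIN be.
ac      NS ns.belnet
$ORIGIN ac.be.
dns.cs.kuleuven A 134.58.40.4
"""

if __name__ == "__main__":
    recs = parse_zone(CS_ZONE, "cs.kuleuven.ac.be.")
    for rec in recs:
        print(rec)
    print("MX pointing at a CNAME:", mx_targets_that_are_cnames(recs))
    for rec in parse_zone(BE_ZONE):
        print(rec)
```

Every record comes out with an absolute owner, an effective TTL and rdata names completed against the origin in force at that line, which is what a validator or a diff between two zone versions needs; the MX check flags www because its target ssh is an alias.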

Page 22

Translating domain names: name server of the TLD names = root name server

o Known IP address (every resolver is configured with it)
o Contains only references to the TLD name servers

Page 23

Resolving domain names

Example: www.cs.vu.nl

[figure: the local NS (cs.kuleuven.ac.be) resolves www.cs.vu.nl: it asks the root NS, is referred to the NS for nl, then to the NS for vu.nl, then to the NS for cs.vu.nl, which answers 130.37.24.11; the local NS returns 130.37.24.11 to the client]

Page 24

Resolving domain names: 2 schemes

Iterative (see previous slide)
o The name server returns a reference (referral) to a better name server; the requester follows it

Recursive
o Scheme of forwarding requests to "better" name servers: each server resolves the query on behalf of the requester and returns the final answer
o Correct figure?

Comparison?

Page 25

Resolving domain names

Cumbersome?
o Name servers "cache"
o Translations are cached during the specified time (TTL)

Vulnerable?
o A name server can crash
o For each domain: many name servers
  • One primary: returns authoritative records
  • At least one secondary: serves a copy of the zone obtained from the primary (zone transfer), which may lag behind until the next refresh (see the SOA refresh/retry/expire values on page 14)
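The walk on page 23 and the cache on page 25 together, as an added example (not code from the slides): a resolver that starts at the root, follows referrals down to the cs.vu.nl server, and caches both the final answer and the referrals, each with its own TTL. The name servers are a constructed in-memory toy; their addresses are made up, except the answer 130.37.24.11 taken from page 23. The recursive scheme of page 24 is shown alongside for comparison. Note that whatever a resolver puts in its cache is served for the whole TTL, which is exactly what makes the spoofing attack on page 28 worth an attacker's effort.

```python
from collections import namedtuple

Answer = namedtuple("Answer", "name rtype rdata ttl")
Referral = namedtuple("Referral", "zone ns_name ns_addr ttl")

# Constructed toy name servers keyed by address (addresses assumed, not real). Each server
# knows its own zone's answers and the delegations (NS name + glue address) to child zones.
SERVERS = {
    "root":     {"zone": ".",         "delegations": {"nl.": ("ns.nl.", "10.0.0.1", 172800)}},
    "10.0.0.1": {"zone": "nl.",       "delegations": {"vu.nl.": ("ns.vu.nl.", "10.0.0.2", 86400)}},
    "10.0.0.2": {"zone": "vu.nl.",    "delegations": {"cs.vu.nl.": ("ns.cs.vu.nl.", "10.0.0.3", 86400)}},
    "10.0.0.3": {"zone": "cs.vu.nl.", "answers": {("www.cs.vu.nl.", "A"): ("130.37.24.11", 3600)}},
}


def in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)


def query_server(addr, qname, qtype):
    """One non-recursive query: an Answer, a Referral to the closest child zone, or None."""
    srv = SERVERS[addr]
    if (qname, qtype) in srv.get("answers", {}):
        rdata, ttl = srv["answers"][(qname, qtype)]
        return Answer(qname, qtype, rdata, ttl)
    best = None
    for zone, (ns, ip, ttl) in srv.get("delegations", {}).items():
        if in_zone(qname, zone) and (best is None or len(zone) > len(best.zone)):
            best = Referral(zone, ns, ip, ttl)
    return best


class CachingResolver:
    """Iterative resolution (page 23) with a TTL-bounded cache (page 25)."""

    def __init__(self):
        self.cache = {}      # (name, type) -> (rdata, expiry)
        self.ns_cache = {}   # zone -> (server address, expiry): remembered referrals

    def closest_known_server(self, qname, now):
        best_zone, best_addr = "", "root"
        for zone, (addr, expiry) in self.ns_cache.items():
            if now < expiry and in_zone(qname, zone) and len(zone) > len(best_zone):
                best_zone, best_addr = zone, addr
        return best_addr

    def resolve(self, qname, qtype, now):
        """Return (rdata, [servers contacted]); an empty list means a cache hit."""
        key = (qname, qtype)
        if key in self.cache and now < self.cache[key][1]:
            return self.cache[key][0], []
        addr, path = self.closest_known_server(qname, now), []
        for _ in range(10):                                   # bound the referral chase
            path.append(addr)
            reply = query_server(addr, qname, qtype)
            if reply is None:
                raise LookupError(f"{addr} knows nothing about {qname}")
            if isinstance(reply, Answer):
                self.cache[key] = (reply.rdata, now + reply.ttl)
                return reply.rdata, path
            if reply.ns_addr == addr:                         # lame referral to itself
                raise LookupError(f"{addr} referred to itself for {reply.zone}")
            self.ns_cache[reply.zone] = (reply.ns_addr, now + reply.ttl)
            addr = reply.ns_addr
        raise LookupError("referral chain too long")


def resolve_recursively(addr, qname, qtype, depth=0):
    """Recursive scheme (page 24): the server chases the referrals on the client's behalf."""
    reply = query_server(addr, qname, qtype)
    if reply is None or depth > 10:
        raise LookupError(f"cannot resolve {qname}")
    if isinstance(reply, Answer):
        return reply.rdata
    return resolve_recursively(reply.ns_addr, qname, qtype, depth + 1)


if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("www.cs.vu.nl.", "A", now=0))      # full walk from the root
    print(r.resolve("www.cs.vu.nl.", "A", now=100))    # cache hit: no server contacted
    print(r.resolve("www.cs.vu.nl.", "A", now=4000))   # A record expired, delegation still cached
    print(resolve_recursively("root", "www.cs.vu.nl.", "A"))
```

The third call shows why delegations are cached separately: after the 3600-second A record has expired, the resolver still remembers which server is authoritative for cs.vu.nl and goes there directly instead of starting again at the root.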

Page 26

DNS Security

[figure: normal situation: Alice's resolver asks DNS for Bob's address and connects to Bob]

Can we trust the DNS replies?

Page 27

DNS Security

[figure: an attack based on breaking into the DNS server and modifying Bob's record, so that Alice's lookup returns the attacker's address]

Can we trust the DNS replies?

Page 28

DNS Security: how Trudy spoofs Alice's ISP

o Reply faster than the real DNS server! A forged reply that arrives before the genuine one is accepted and then cached for its TTL (page 25), so every later client of that ISP's name server is sent to the wrong address as well.

Page 29

DNS Security: solution: DNSsec

o New records
  • KEY: public key of the zone
  • SIG: signature (made with the zone's secret key) over the hash of a set of resource records
  (in the current DNSSEC RFCs these records are called DNSKEY and RRSIG)
o Signed replies from servers: set of resource records (RRset) + SIG

Page 30

DNS security: resource record set for bob.com

o A record(s) for bob.com
o Public key (KEY record) for bob.com
o Signature of the hash of the A and KEY records, made with bob.com's secret key; the KEY of bob.com is in turn vouched for by a signature from the com zone, and com's key by the root, so a resolver only needs to be configured with the root's key to check the whole chain
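The signing and checking step of pages 29 and 30, as an added example that is not from the slides: the zone signs the hash of its RRset (A records + KEY) with its secret key, and a resolver verifies the SIG with the zone's public key. The key pair is a toy RSA key built from two fixed Mersenne primes with a 150-bit modulus, chosen so the block runs without any library; it is insecure and is not the algorithm, key size or record format real DNSSEC uses (DNSKEY/RRSIG, properly generated RSA or ECDSA keys). The RRset addresses are made up. The example also replays the page-28 attack against signed data: Trudy can answer faster, but she can neither alter the RRset under Bob's SIG nor substitute her own key, because the resolver checks against the key it already trusts for bob.com.

```python
import hashlib

# Toy RSA key pair for the zone bob.com (fixed Mersenne primes, NOT secure, illustration only).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))            # private exponent (Python 3.8+)

# Trudy's own toy key pair, used below to show that a self-signed forgery also fails.
P2, Q2 = 2**107 - 1, 2**127 - 1
N2 = P2 * Q2
D2 = pow(E, -1, (P2 - 1) * (Q2 - 1))


def canonical(rrset):
    """Serialise an RRset in a fixed order so the signature does not depend on record order."""
    return "\n".join(sorted(f"{n} {t} {r}" for n, t, r in rrset)).encode()


def digest_int(data):
    # SHA-256 truncated to 128 bits so the value stays below the toy moduli
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def sign_rrset(rrset, private_exp, modulus):
    """SIG record value: hash of the RRset, signed with the zone's secret key."""
    return pow(digest_int(canonical(rrset)), private_exp, modulus)


def verify_rrset(rrset, sig, public_exp, modulus):
    """What a validating resolver does with the SIG and the public key it trusts."""
    return pow(sig, public_exp, modulus) == digest_int(canonical(rrset))


# Constructed RRset for bob.com: A record + the zone's public KEY (addresses assumed).
BOB_RRSET = [
    ("bob.com.", "A", "192.0.2.10"),
    ("bob.com.", "KEY", f"{E} {N}"),
]
BOB_SIG = sign_rrset(BOB_RRSET, D, N)


def trudy_spoofed_reply():
    """Trudy answers first, substituting her address but reusing Bob's SIG (she has no secret key)."""
    spoofed = [("bob.com.", "A", "198.51.100.66"), ("bob.com.", "KEY", f"{E} {N}")]
    return spoofed, BOB_SIG


def trudy_with_own_key():
    """Trudy swaps in her own KEY and signs the forged RRset with her own secret key."""
    forged = [("bob.com.", "A", "198.51.100.66"), ("bob.com.", "KEY", f"{E} {N2}")]
    return forged, sign_rrset(forged, D2, N2)


def resolver_accepts(rrset, sig, trusted_key):
    """Accept a reply only if its SIG verifies under the key the resolver trusts for bob.com
    (in DNSSEC that trust comes from the parent zone's signature, up to the root key)."""
    e, n = trusted_key
    return verify_rrset(rrset, sig, e, n)


if __name__ == "__main__":
    print(resolver_accepts(BOB_RRSET, BOB_SIG, (E, N)))          # True: genuine reply
    print(resolver_accepts(*trudy_spoofed_reply(), (E, N)))       # False: RRset tampered
    print(resolver_accepts(*trudy_with_own_key(), (E, N)))        # False: wrong key
```

The check is deliberately placed in the resolver, not the server: DNSSEC does not stop Trudy from sending a faster reply, it makes that reply detectable. Without a trust anchor for the key (the chain up to the root described on page 30) the KEY record inside the reply proves nothing, which is why the last case must fail.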

Page 31

Overview
o DNS -- Domain Name System
o E-mail
o Terminal Access: TELNET

Page 32

E-mail: major components

o User agent
o Mail servers (= transfer agents)
o Protocols
  • Transfer: SMTP
  • Access: POP, IMAP

[figure: user agents attached to mail servers; each mail server holds the user mailboxes and an outgoing message queue; mail servers exchange messages with SMTP, user agents submit with SMTP and read with POP or IMAP]

Page 33

E-mail: user agent: Internet e-mail addresses

[email protected]
[email protected]
[email protected]

o after @: domain name
o before @:
  • login_name
  • FirstName.LastName
  • Name_of_Group

Page 34

E-mail: user agent: e-mail programs

o Often (mostly) a graphical user interface
o Functionality:
  • receive & read messages
  • compose & send a message
  • reply to a message
  • forward a message
  • store messages in folders
  • maintain a file with addresses
o E.g.: Netscape, Exchange, Eudora, pine, elm, ...

Page 35

E-mail: user agent: e-mail program: Netscape

[figure: screenshot of the Netscape mail client]

Page 36

E-mail: message

RFC 822: standard for the text message format. Structure of a message:
o Header: From: sender; To: destination; Cc: copy to ...; Subject: ...
o Blank line
o Message body

Must be ASCII!!!

Page 37

E-mail: message (example, body translated from Dutch)

Subject: mail for Luce
Date: Mon, 20 May 2002 10:21:34 +0200
From: Jean Huens <[email protected]>
To: Pierre Verbaeten <[email protected]>
CC: Bart Swennen <[email protected]>

Pierre,

since you live in Leuven you can also get a postbox.be address for Luce.
info at www.postbox.be

Jean

Page 38

E-mail: message: RFC 822 header fields related to transport

Header         Meaning
To:            E-mail address(es) of primary recipient(s)
Cc:            E-mail address(es) of secondary recipient(s)
Bcc:           E-mail address(es) for blind carbon copies
From:          Person who created the message
Sender:        E-mail address of the actual sender
Received:      Line added by each transfer agent along the route
Return-Path:   Can be used to identify a path back to the sender

None of these fields is verified by SMTP: From:, Sender: and Return-Path: are whatever the sending side wrote, and only the Received: lines added by your own transfer agents can be relied on when tracing a message.

Page 39

E-mail: message: other RFC 822 header fields

Header         Meaning
Date:          The date and time the message was sent
Reply-To:      E-mail address to which the reply should be sent
Message-Id:    Unique number for referencing the message later
In-Reply-To:   Message-Id of the message to which this is a reply
References:    Other relevant Message-Ids
Keywords:      User-chosen keywords
Subject:       Short summary of the message for the one-line display
X-*            User-defined header

Page 40

E-mail: mail servers

Mail server = system responsible for the e-mail handling within an organisation:
o Talks SMTP with other mail servers
o Stores received messages for local users in their mailboxes
o Sends messages for remote users to the appropriate mail server
o Accepts mail from local user agents

[figure: mail servers exchanging messages over SMTP, with user agents attached to each]

Page 41

E-mail: SMTP protocol

Defined in RFC 821. Interaction in command/response mode; three phases of transfer:
o handshaking (greeting)
o transfer of messages
o closure

Messages must be 7-bit ASCII.

[figure: the client (sending server or user agent) sends commands, the server returns responses, over a reliable transfer (TCP)]

Page 42

E-mail: SMTP protocol: try an SMTP interaction for yourself

o telnet servername 25
o wait for the reply from the server: 220 ...
o enter the commands: HELO, MAIL FROM, RCPT TO, DATA, QUIT
o result: an e-mail sent without using an e-mail client (reader)

Page 43

E-mail: SMTP protocol: example

Connect to the mail server ...

billie$ telnet mail.cs.kuleuven.ac.be 25
Trying 134.58.41.11...
Connected to mail.cs.kuleuven.ac.be.
Escape character is '^]'.
220 iris.cs.kuleuven.ac.be ESMTP Mail Transfer Agent ; Wed, 22 May 2002 16:31:50 +0200 (MEST)

Page 44

E-mail: SMTP protocol: example: dialogue with the mail server

HELO ubiz.cs.kuleuven.ac.be
250 iris.cs.kuleuven.ac.be Hello billie.cs.kuleuven.ac.be [134.58.41.39], pleased to meet you
MAIL FROM [email protected]
501 5.5.2 Syntax error in parameters scanning "FROM"
MAIL FROM: [email protected]
250 2.1.0 [email protected]... Sender ok
RCPT TO:[email protected]
250 2.1.5 [email protected]... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself

(Note what the server did and did not check: the HELO name ubiz did not match the connecting host billie, which the server simply recorded, and the sender address was accepted as given. SMTP itself authenticates neither.)

Page 45

E-mail: SMTP protocol: example: enter the message (header + body)

Subject: test
Date: Wed, 22 May 2002 16:35:00
From: [email protected]
To: [email protected]

(typed-in mail)
Pierre
.
250 2.0.0 g4MEXXG06443 Message accepted for delivery
QUIT
221 2.0.0 iris.cs.kuleuven.ac.be closing connection
Connection closed by foreign host.
billie$

Page 46

E-mail: SMTP protocol summary

o Simple text-based protocol: 7-bit ASCII
  • A line containing only "." indicates the end of the message
  • Such a line may therefore not occur inside the message: the client prefixes an extra "." to every body line that starts with ".", and the receiving server removes it again (dot-stuffing)
o SMTP requires reliable connections: TCP, a reliable byte stream
o ESMTP extensions: negotiate special services
o Other contents (voice, video, ...): MIME extensions
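The dialogue of pages 43 to 45 and the dot-stuffing rule above, as an added example (not code from the slides): an in-memory toy SMTP server that follows the three phases with reply codes modelled on the transcript, and a client that drives it. Host and mailbox names are constructed. It reproduces the 501 for a MAIL FROM without a colon, shows a body line consisting of a single "." surviving the transfer, and makes visible that the envelope sender is taken on trust.

```python
class ToySmtpServer:
    """Server side of the dialogue on pages 43-45 (greeting, HELO, MAIL FROM, RCPT TO,
    DATA, QUIT). In-memory only: no sockets, one session at a time."""

    def __init__(self, hostname="mx.example.test"):
        self.host = hostname
        self.greeted = False
        self.delivered = []              # (envelope sender, [recipients], message text)
        self.reset()

    def reset(self):
        self.mail_from, self.rcpts, self.body, self.in_data = None, [], [], False

    def greeting(self):
        return f"220 {self.host} ESMTP Mail Transfer Agent"

    def handle(self, line):
        """Process one client line; return the reply, or None while collecting DATA lines."""
        if self.in_data:
            if line == ".":                                       # end of message
                self.delivered.append((self.mail_from, list(self.rcpts), "\r\n".join(self.body)))
                self.reset()
                return "250 2.0.0 Message accepted for delivery"
            # transparency (RFC 821 4.5.2): the client doubled a leading '.', drop one copy
            self.body.append(line[1:] if line.startswith(".") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            self.greeted = True                 # the name is recorded, never verified
            return f"250 {self.host} Hello {arg}, pleased to meet you"
        if verb == "QUIT":
            return f"221 2.0.0 {self.host} closing connection"
        if not self.greeted:
            return "503 5.5.1 Send HELO first"
        if verb == "MAIL":
            if not arg.upper().startswith("FROM:"):               # 'MAIL FROM addr' without colon
                return '501 5.5.2 Syntax error in parameters scanning "FROM"'
            self.mail_from = arg[5:].strip().strip("<>")
            # nothing here can verify the envelope sender: SMTP takes it on trust
            return f"250 2.1.0 {self.mail_from}... Sender ok"
        if verb == "RCPT":
            if self.mail_from is None:
                return "503 5.5.1 Need MAIL command"
            if not arg.upper().startswith("TO:"):
                return '501 5.5.2 Syntax error in parameters scanning "TO"'
            self.rcpts.append(arg[3:].strip().strip("<>"))
            return f"250 2.1.5 {self.rcpts[-1]}... Recipient ok"
        if verb == "DATA":
            if not self.rcpts:
                return "503 5.5.1 Need RCPT (recipient)"
            self.in_data = True
            return '354 Enter mail, end with "." on a line by itself'
        return "500 5.5.1 Command unrecognized"


def send_message(server, helo_name, mail_from, recipients, message_lines):
    """Client side: drive the three phases; return the transcript as (who, line) pairs."""
    transcript = [("S", server.greeting())]

    def cmd(line):
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
            if reply[0] not in "23":                              # 2xx/3xx = go on
                raise RuntimeError(f"{line!r} rejected: {reply}")

    cmd(f"HELO {helo_name}")                                      # handshaking
    cmd(f"MAIL FROM:<{mail_from}>")                               # transfer: envelope
    for rcpt in recipients:
        cmd(f"RCPT TO:<{rcpt}>")
    cmd("DATA")
    for line in message_lines:                                    # transfer: header + body
        cmd("." + line if line.startswith(".") else line)         # dot-stuffing
    cmd(".")
    cmd("QUIT")                                                   # closure
    return transcript


# Constructed message modelled on page 45; the lone '.' line is the case dot-stuffing exists for.
MESSAGE = ["Subject: test", "From: alice@example.test", "To: bob@example.test", "",
           "typed-in mail", ".", ".signature starts with a dot", "Pierre"]

if __name__ == "__main__":
    srv = ToySmtpServer()
    for who, line in send_message(srv, "billie.example.test", "alice@example.test",
                                  ["bob@example.test"], MESSAGE):
        print(f"{who}: {line}")
    print(srv.delivered[0])
```

Everything the server "knows" about the sender (the HELO name, the envelope MAIL FROM, the From: header) came from the client. That is why the caveat on page 38 matters and why a receiving site needs evidence from outside the dialogue before trusting any of it.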

Page 47

E-mail: ESMTP extensions

Approach
o EHLO command: which extensions are available at the server?
o Symbolic name for each extension
o Optional parameters for MAIL FROM: & RCPT TO:

Some extensions
o 8BITMIME: 8-bit data, still lines
o BINARYMIME: arbitrary data
o SIZE: the server informs the client of the maximum message size
o CHECKPOINT: support for resuming broken sessions
o DSN: delivery status notification

Page 48

E-mail: MIME extensions

MIME: Multipurpose Internet Mail Extensions, RFC 1341, 1521. Additional lines in the message header declare the MIME content type; the content is encoded into ASCII text.

From: [email protected]
To: [email protected]
Subject: Picture
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Type: image/jpeg

base64 encoded data .....
.........................
...... base64 encoded data

[figure annotations: MIME version; method used to encode the data; multimedia data type and subtype; encoded data]

Page 49

E-mail: MIME extensions: RFC headers related to MIME

Header                      Meaning
MIME-Version                Identifies the MIME version
Content-Description         Human-readable string telling what is in the message
Content-Id                  Unique identifier
Content-Transfer-Encoding   How the body is encoded for transmission
Content-Type                Nature of the message

Page 50

E-mail: MIME extensions: MIME types/subtypes (RFC 1521)

Type          Subtype         Description
text          plain           Unformatted text
              richtext        Text including simple formatting commands
image         gif             Still picture in GIF format
              jpeg            Still picture in JPEG format
audio         basic           Audible sound
video         mpeg            Movie in MPEG format
application   octet-stream    An uninterpreted byte sequence
              postscript      A printable document in PostScript
message       rfc822          A MIME RFC 822 message
              partial         Message split for transmission
              external-body   Message itself must be fetched over the net
multipart     mixed           Independent parts in the specified order
              alternative     Same message in different formats
              parallel        Parts must be viewed simultaneously
              digest          Each part is a complete RFC 822 message

Page 51

E-mail: MIME extensions: multipart example

From: [email protected]
To: [email protected]
Subject: Picture of Sarah
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary=98766789

--98766789
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

Dear Hilde,
Please find a picture of Sarah
--98766789
Content-Transfer-Encoding: base64
Content-Type: image/jpeg

base64 encoded data .....
.........................
...... base64 encoded data
--98766789--

Page 52

E-mail: MIME extensions: transfer encoding

o SMTP requires ASCII only in the message
o So conversions (encode – decode) are necessary

Encoding schemes
o Just ASCII
o 8-bit ASCII: a violation; does not always work!
o ASCII + a simple markup language (HTML)
o Base64 encoding (ASCII armor)
  • 24 bits broken up into 4 * 6 bits
  • Each group of 6 bits represented as one ASCII character
o Quoted-printable
  • 7-bit ASCII
  • Characters > 127 (and "=" itself, since it is the escape): "=" + character value as 2 hex digits
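The two encodings described above, implemented from their description as an added example (not code from the slides): base64 as 24-bit groups split into four 6-bit characters with "=" padding, and quoted-printable as "=XX" escapes. The base64 output is checked against the standard library. The multipart builder assembles a message in the shape of page 51 with a constructed boundary, and refuses a boundary that also occurs in the body, since that would let the content end the part early. Line folding at 76 characters (required by RFC 2045) is left out to keep the algorithms visible.

```python
import base64

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def base64_encode(data: bytes) -> str:
    """24 bits in, 4 x 6 bits out; each 6-bit group becomes one ASCII character (page 52)."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        bits = int.from_bytes(chunk.ljust(3, b"\0"), "big")       # pad to a full 24-bit group
        chars = [B64[(bits >> s) & 0x3F] for s in (18, 12, 6, 0)]
        missing = 3 - len(chunk)                                  # 1 or 2 bytes short: '=' padding
        out.append("".join(chars[:4 - missing]) + "=" * missing)
    return "".join(out)


def base64_decode(text: str) -> bytes:
    out = bytearray()
    for i in range(0, len(text), 4):
        quad = text[i:i + 4]
        pad = quad.count("=")
        bits = 0
        for ch in quad:
            bits = (bits << 6) | (0 if ch == "=" else B64.index(ch))
        out += bits.to_bytes(3, "big")[:3 - pad]
    return bytes(out)


def qp_encode(data: bytes) -> str:
    """Quoted-printable: printable ASCII, blanks and line ends pass through; anything else
    (non-ASCII, control bytes, and '=' itself) becomes '=' + two hex digits."""
    out = []
    for b in data:
        if (33 <= b <= 126 and b != 0x3D) or b in (0x20, 0x09, 0x0D, 0x0A):
            out.append(chr(b))
        else:
            out.append(f"={b:02X}")
    return "".join(out)


def qp_decode(text: str) -> bytes:
    out, i = bytearray(), 0
    while i < len(text):
        if text[i] != "=":
            out.append(ord(text[i])); i += 1
        elif text[i + 1:i + 3] == "\r\n":                         # soft line break
            i += 3
        elif text[i + 1:i + 2] == "\n":
            i += 2
        else:
            out.append(int(text[i + 1:i + 3], 16)); i += 3
    return bytes(out)


def matches_stdlib(data: bytes) -> bool:
    return base64_encode(data) == base64.b64encode(data).decode("ascii")


def build_multipart(sender, rcpt, subject, text, jpeg, boundary):
    """Assemble a multipart/mixed message in the shape of page 51 (boundary is constructed)."""
    if boundary in text or boundary.encode("ascii") in jpeg:
        raise ValueError("boundary must not occur in any part")
    return "\r\n".join([
        f"From: {sender}", f"To: {rcpt}", f"Subject: {subject}", "MIME-Version: 1.0",
        f'Content-Type: multipart/mixed; boundary="{boundary}"', "",
        f"--{boundary}", "Content-Transfer-Encoding: quoted-printable",
        "Content-Type: text/plain; charset=utf-8", "",
        qp_encode(text.encode("utf-8")),
        f"--{boundary}", "Content-Transfer-Encoding: base64", "Content-Type: image/jpeg", "",
        base64_encode(jpeg),
        f"--{boundary}--", "",
    ])


if __name__ == "__main__":
    print(base64_encode(b"Man"), base64_encode(b"Ma"), base64_encode(b"M"))
    print(qp_encode("café = coffee".encode("utf-8")))
    # constructed three-byte stand-in for JPEG data (the real marker bytes, nothing more)
    print(build_multipart("jean@example.test", "hilde@example.test", "Picture of Sarah",
                          "Dear Hilde,\r\nPlease find a picture of Sarah\r\n",
                          b"\xff\xd8\xff", "98766789"))
```

Base64 inflates the data by a third (3 bytes become 4 characters), which is the price of staying inside the 7-bit ASCII that page 41 requires; quoted-printable costs almost nothing on mostly-ASCII text and triples every other byte, which is why the text part and the image part on page 51 use different encodings.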

Page 53

E-mail: access protocols: e-mail servers

o send / receive messages
o communicate with user agents

SMTP   Simple Mail Transfer Protocol
POP    Post Office Protocol
IMAP   Internet Message Access Protocol

[figure: user agent → mail server (SMTP) → mail server (SMTP) → user agent (POP or IMAP)]

Page 54

E-mail: access protocols: 2 configurations

• UA on the same system as the mail server
• UA on a PC, using POP to access the mail server

Page 55

E-mail: access protocols: POP3

POP: Post Office Protocol (RFC 1939)
o authorisation of the agent (at the server)
o Download: retrieve & delete at the server <> retrieve only
o OK for users using a fixed UA

Example: use POP3 to fetch 3 messages

[figure: POP3 session fetching 3 messages]

Page 56

E-mail: access protocols

POP: Post Office Protocol [RFC 1939]
o authorisation of the agent (at the server): the USER/PASS commands send the password in clear text over the network; RFC 1939 also defines APOP, a challenge-response alternative
o Download: retrieve & delete at the server <> retrieve only
o OK for users using a fixed UA

IMAP: Internet Message Access Protocol [RFC 1730]
o more features & more complex
o Supports users reading mail from different UAs
o manipulation of stored messages on the server

Web-based user agents
o HTTP: Hotmail, Yahoo, ...

Page 57

E-mail: access protocols: comparison POP3 <> IMAP

[table not preserved in the transcript]

Page 58

E-mail gateways: interconnect different e-mail systems

[figure: Internet (RFC 822) <-> gateway <-> OSI X.400]

Page 59

E-mail security

Requirements:
o Privacy
o Authentication
o Integrity
o Non-repudiation

Systems
o PGP – Pretty Good Privacy
o PEM – Privacy Enhanced Mail
o S/MIME

Page 60

E-mail security: PGP

Designed by Phil Zimmermann (first released 1991)
o Promoter of privacy
o <> US government (investigated for years over cryptography export controls)

Open source software; uses existing cryptographic algorithms:
o IDEA – International Data Encryption Algorithm (timeline: DES → IDEA → AES)
o RSA
o MD5 (since broken as a hash function; current OpenPGP implementations use SHA-2)

Page 61

E-mail security: PGP: operation of PGP for a mail message P from Alice to Bob

[figure: the MD5 hash of P is signed with Alice's RSA secret key; signature and P are compressed and encrypted with IDEA under a fresh per-message key, which is itself encrypted with Bob's RSA public key; the result is base64-encoded for transport]

Decentralised storage of public keys: trust? (no central CA; users vouch for each other's keys by signing them, the "web of trust")

Page 62

E-mail security: PEM – S/MIME

PEM – Privacy Enhanced Mail
o Internet standard: RFC 1421 – 1424
o Similar to PGP
o Keys: X.509 certificates from CAs in a strict hierarchy
o Single root CA manager? Trust?

S/MIME
o Internet standard: RFC 2632 – 2634
o Integration with MIME
o No restrictions on CAs

Page 63

Overview
o DNS -- Domain Name System
o E-mail
o Terminal Access: TELNET

Page 64

Terminal Access: TELNET: history

o Oldest Internet application
o 1983: final form issued as RFC 854 and RFC 855
o Still a useful application
o Basis for other protocols

From the old to the current environment ...

Page 65

Terminal Access: TELNET: original environment

[figure: original environment]

Page 66

Terminal Access: TELNET: current environment

[figure: PC or workstation <-> network <-> server]

Page 67

Terminal Access: TELNET: local login

o Characters typed go
  • from the terminal
  • to the terminal driver
  • to the operating system
  • to the application
o For some characters: interpretation by the OS

[figure: terminal driver, operating system and application programs on the local machine]

Page 68

Terminal Access: TELNET: remote login

[figure: on the local computer the terminal driver hands characters to the Telnet client, which sends them through TCP, IP, data link and physical layers to the Telnet server on the remote computer; there the server feeds them to the application programs through a pseudoterminal driver in the remote operating system]

Different character sets!!

Page 69

Terminal Access: TELNET: Network Virtual Terminal

[figure: the Telnet client translates the local computer's character set to the NVT character set; the Telnet server translates NVT to the remote computer's character set and feeds the pseudoterminal driver]

Page 70

Terminal Access: TELNET: NVT character set

o Data characters
  • NVT ASCII = '0' + 7-bit US ASCII (high bit clear)
o Remote control characters
  • '1' + 7 bits (high bit set); a command is announced by the escape byte IAC (255) followed by the command code
  • Examples
    – Option negotiation characters (WILL, WONT, DO, DONT)
    – Characters to control the remote application
      » Erase character
      » Erase line
      » Interrupt process

Page 71

Terminal Access: TELNET: phases of operation

o Connection management
  • Connection request and termination
  • TCP is used
o Negotiation
  • Determine a mutually agreeable set of characteristics: line length, terminal type, terminal speed
o Control
  • Exchange of control information and commands: end of line, interrupt process
o Data
  • Transfer of data
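The NVT stream of pages 70 and 71 in code, as an added example that is not from the slides: a parser that separates data characters from IAC-introduced commands (the three-byte WILL/WONT/DO/DONT negotiation, subnegotiation between SB and SE, the two-byte IP/EC/EL controls, and the IAC IAC escape for a literal 255), reports an incomplete command at the end of the buffer so the caller can wait for more bytes, and checks the data against the 7-bit rule. The sample stream is constructed; the command codes are those of RFC 854 and the terminal-type option is number 24 from RFC 1091. The negotiation policy shown declines every option, which the protocol always allows and which is the safe default for anything that is not a full terminal emulator.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
IP, EC, EL = 244, 247, 248                    # interrupt process, erase character, erase line
NAMES = {DONT: "DONT", DO: "DO", WONT: "WONT", WILL: "WILL", IP: "IP", EC: "EC", EL: "EL"}
TERMINAL_TYPE = 24                            # option number (RFC 1091); subcommand 0 = IS, 1 = SEND


def parse_nvt(stream: bytes):
    """Split a Telnet byte stream into (data bytes, commands, unconsumed tail).
    Commands are (name, argument) pairs; the tail is an incomplete command that must be
    re-parsed once more bytes arrive, so nothing is silently dropped at a buffer edge."""
    data, cmds, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:                                          # '0' + 7 bits: ordinary data
            data.append(b); i += 1; continue
        if i + 1 >= len(stream):
            break                                             # lone IAC: wait for more
        c = stream[i + 1]
        if c == IAC:                                          # IAC IAC = literal data byte 255
            data.append(IAC); i += 2; continue
        if c in (WILL, WONT, DO, DONT):                       # three-byte option negotiation
            if i + 2 >= len(stream):
                break
            cmds.append((NAMES[c], stream[i + 2])); i += 3; continue
        if c == SB:                                           # IAC SB <option> <params> IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                break
            cmds.append(("SB", bytes(stream[i + 2:end]))); i = end + 2; continue
        cmds.append((NAMES.get(c, f"CMD{c}"), None)); i += 2  # two-byte commands (IP, EC, EL, ...)
    return bytes(data), cmds, stream[i:]


def nvt_ascii_violations(data: bytes):
    """NVT data must be '0' + 7-bit US-ASCII: report every data byte with the high bit set."""
    return [b for b in data if b & 0x80]


def refuse_everything(cmds):
    """Minimal, safe negotiation policy: decline every option the peer offers (WILL) or
    requests (DO). Refusing is always permitted by RFC 854, and it keeps a simple client
    from enabling features (echo, environment, terminal type) it does not implement."""
    out = bytearray()
    for name, opt in cmds:
        if name == "WILL":
            out += bytes([IAC, DONT, opt])
        elif name == "DO":
            out += bytes([IAC, WONT, opt])
    return bytes(out)


# Constructed stream: DO TERMINAL-TYPE, a prompt, an escaped 0xFF data byte, an interrupt,
# a terminal-type subnegotiation ("IS VT100") and a trailing lone IAC (truncated command).
SAMPLE = (bytes([IAC, DO, TERMINAL_TYPE]) + b"login: " + bytes([IAC, IAC]) + bytes([IAC, IP])
          + bytes([IAC, SB, TERMINAL_TYPE, 0]) + b"VT100" + bytes([IAC, SE]) + bytes([IAC]))

if __name__ == "__main__":
    data, cmds, tail = parse_nvt(SAMPLE)
    print(data, cmds, tail)
    print("non-NVT data bytes:", nvt_ascii_violations(data))
    print("reply:", refuse_everything(cmds))
```

The escaped 0xFF ends up in the data (and is then, correctly, reported as a violation of the 7-bit data rule: a real client would have to agree on the 8BIT/BINARY option before sending it), the lone IAC at the end is handed back as the tail, and the only reply generated is IAC WONT TERMINAL-TYPE.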

Page 72

Terminal Access: TELNET: RLOGIN and SSH

RLOGIN
o Remote login program designed for BSD Unix

SSH
o Secure remote login program
o Offers:
  • Authentication: uses public key cryptography (the server proves its identity with a host key; users may authenticate with a key pair instead of a password)
  • Privacy: exchanged data are encrypted
  • Integrity
  • Tunneling

TELNET and RLOGIN send everything, including the login password, in clear text over the network; SSH replaces both.

Page 73

Computer Networks

Applications