22. Internet Protocols

📨 1. What is MIME

Email format that supports attachments like images and documents.
🧠 Sticky: MIME = email that speaks more than plain text.

🔐 2. Why does MIME need security

It doesn’t protect data — can be spoofed, read, or modified.
🧠 Sticky: MIME is a loudmouth — anyone can listen unless we secure it.

🛡️ 3. What is S/MIME

Secure MIME — adds encryption and digital signatures to emails.
🧠 Sticky: S/MIME = sealed and signed envelope for your emails.

🧾 4. Key Functions of S/MIME

Authentication, Integrity, Confidentiality, Non-repudiation.
🧠 Sticky: “Signed, Sealed, Delivered, Secret”

📄 5. S/MIME Content Types

Signed-only, Encrypted-only, or both (Signed + Encrypted).
🧠 Sticky: Email outfits — some encrypted, some signed, some dressed in both.

✍️ 6. Digital Signatures in S/MIME

Sender signs with private key, recipient verifies with public key.
🧠 Sticky: Like writing your name in invisible ink only you can create.

🧬 7. Why Base64

Makes encrypted email content safe to send as text.
🧠 Sticky: Turns binary into readable email-friendly text.

🔐 8. S/MIME Encryption Process

Encrypt message with symmetric key → encrypt key with recipient’s public key.
🧠 Sticky: Lockbox inside a vault.

🪪 9. Public Key Certificates in S/MIME

Attached to email to prove sender’s identity.
🧠 Sticky: Your digital passport.

📬 10. What is DKIM

DomainKeys Identified Mail — signs email at the domain level.
🧠 Sticky: The company stamps every outgoing email.

❓ 11. Why DKIM

Prevents spoofing — proves an email came from your domain.
🧠 Sticky: Signed by the castle, not just the knight.

😕 12. Limitations of S/MIME

Only protects individual users, not entire domains.
🧠 Sticky: One soldier signs a message — DKIM signs for the whole army.

🛠️ 13. How DKIM Works

Mail server signs email → public key stored in DNS.
🧠 Sticky: DNS = lockbox with the public key.

🧩 14. Signature Components in DKIM

Includes domain, selector, hash, timestamp, headers.
🧠 Sticky: Receipts for every part of the message.

🛡️ 15. Security Benefits of DKIM

Stops tampering, ties message to sender’s domain.
🧠 Sticky: DNA test for your email’s origin.

🌐 16. What is TLS

Secures data sent over the internet — replacement for SSL.
🧠 Sticky: Private tunnel between two devices.

🧱 17. TLS Architecture

Sits between app and transport layer to protect data.
🧠 Sticky: Armor on top of the mail truck.

🧑‍🤝‍🧑 18. TLS Session vs. Connection

Session = long-term settings, Connection = one-time data link.
🧠 Sticky: Session = friendship; Connection = single text.

📦 19. TLS Record Protocol

Breaks data into chunks, compresses, encrypts, MACs, sends.
🧠 Sticky: Factory line: chop, wrap, seal, ship.

🤝 20. TLS Handshake (4 Phases)

1. Pick algorithms
   2. Authenticate server
   3. Exchange keys
   4. Start session
      🧠 Sticky: Like dating → choose, verify, share secrets, commit.

🚨 21. Alert & Heartbeat Protocols

Alerts report errors; Heartbeat keeps connection alive.
🧠 Sticky: Alert = red flag. Heartbeat = “you still there

💔 22. Heartbleed

Bug in Heartbeat → attackers could read server memory.
🧠 Sticky: The server’s heart bled secrets.

🔐 23. What is HTTPS

HTTP + TLS = secure website connection.
🧠 Sticky: HTTP wearing armor.

❗ 24. Why HTTPS

Protects login info, forms, cookies, URLs, etc.
🧠 Sticky: Locks your browser conversation.

🛡️ 25. What HTTPS Encrypts

URLs, headers, cookies, forms — everything after the domain.
🧠 Sticky: Not just the message — the envelope and ink too.

🔁 26. HTTPS Is Not a New Protocol

Just HTTP over TLS.
🧠 Sticky: Same dish, served with a lid.

🔚 27. HTTPS Connection Close

Ends with a special “close_notify” message.
🧠 Sticky: Politely hang up the phone.

🌍 28. What is IPsec

Secures IP packets — used in VPNs.
🧠 Sticky: Armor at the road level, not just at the house.

💡 29. Why IPsec

Used for VPNs, private routing, secure infrastructure.
🧠 Sticky: IPsec = company’s private freeway.

🔑 30. Key Functions of IPsec

Encryption, authentication, replay protection.
🧠 Sticky: No peeking, no faking, no rewinding.

🧾 31. Security Associations (SA)

Agreement between sender/receiver about keys/settings.
🧠 Sticky: A signed contract between two devices.

📦 32. ESP – Encapsulating Security Payload

Encrypts and authenticates payloads.
🧠 Sticky: Bubble-wrap for your IP packets.

🚚 33. Transport vs. Tunnel Mode

• Transport = only payload is encrypted
• Tunnel = whole IP packet is encrypted
🧠 Sticky: Transport = sealed letter. Tunnel = sealed envelope in a box.

🛤️ 34. Tunnel Mode Example

Used for secure VPN tunnels.
🧠 Sticky: Train wrapped in steel casing for safe travel.