Internet Draft                                              R. Plzak
Document:                                                       ARIN
                                                           G. Malkin
                                                     Nortel Networks
                                                       Walter Houser
                                                                  VA
                                                        October 2001

                     FYI on Questions and Answers
   Answers to Commonly asked "Experienced Internet User" Questions

Status of this Memo

This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026 [1].

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

1. Abstract

This memo provides information to the experienced Internet user who wants to know more. The term "experienced user" is used to differentiate this user from the new users addressed by FYI 4. The term experienced is relative. For the purpose of this memo, an "experienced" user is any user who is familiar with the concepts described in FYI 4.

The information provided in this memo is what may be described as an upper level or top level description of some of the applications and protocols that are in common use on the Internet today. This memo does not provide precise technical descriptions. For these the reader is referred to the appropriate RFC or other documentation.

A conscious effort has been made to keep this memo brief but at the same time provide the depth of information necessary to provide a general understanding of the applications and protocols described.

Plzak, Malkin, Houser                                              1

INTERNET DRAFT      FYI Q/A - for New Internet Users      October 2001

2. Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [2].

3. Doing Things on the Internet or "How Does It Work?"

3.1. How does email work?

Electronic mail is a lot like regular mail (also called snail mail). Your email message has a greeting to the addressee (or "to" line), a subject, a body, a closing (or "from" line), enclosures (also called attachments), carbon copies (cc), and blind carbon copies (bcc). After you write your message, your email software puts all this into an envelope with addressing information that repeats some of these same elements on the envelope. It then looks for a computer with a mail service called Simple Mail Transfer Protocol (SMTP), which serves like a mailbox outside your local post office. The SMTP service passes your message to nearby SMTP computers (or servers) that know the destination computer (or domain) for your addressee. If any of these SMTP servers has trouble delivering your message, you will receive a delivery notice explaining the nature of the problem.

Because email can be misunderstood or abused, users should be familiar with email netiquette. For more information see Netiquette Guidelines [FYI 28, RFC 1855].

3.2. What is a Mailing List?

A mailing list is a collection of email addresses of people interested in a topic like hobbies, product updates, work projects, and electronic newsletters. Announcement lists go one way from the owner to the members. Discussion lists are two-way. Members send their messages to the list name at the mail list server (e.g. mail-list@listserver.com), which in turn distributes it to all members of a list. The list owner reviews messages sent to a moderated discussion list before they are released to the list. Messages to un-moderated discussion lists are not reviewed.
You subscribe and unsubscribe using a separate email address for list maintenance, not the list address. Mail lists often have descriptions and procedures you should review before joining. Please stick to the list topic and use the list maintenance address to leave the list.

3.3. How does the World Wide Web work?

Your web browser (Netscape, Internet Explorer, etc.) displays web pages located on various computers operating web servers. These web pages are written in Hypertext Markup Language (HTML) or Extensible Markup Language (XML). The web server sends the web pages and images to your PC using the Hypertext Transfer Protocol (HTTP). Your web browser "renders" the page, placing images and other page elements in their designated positions in the browser window. As you move your cursor across the page, you should notice the cursor changes shape over what are called "hyperlinks." Typically underlined and in blue, hyperlinks will take you to other web pages, on the same server or on any web server in the world. Pressing the hyperlink tells your browser to contact that destination web server for the next web page.

3.4. What is Instant Messaging?

Many Internet service providers offer instant messaging (IM), a popular tool for friends to keep in touch using the Internet. You announce your presence by entering your IM "handle" or nickname into the IM pop-up window. You can use the same window to see whether your friends are online. Unlike chat (see below), IM is one-to-one; some chatters will have side conversations using IM. Many of the current IM protocols are not yet standardized, so you may not be able to IM with someone on another service provider.

3.5. How do I send a lot of data across the Internet?

Although you can send files or documents as attachments using email, most SMTP services limit the size or number of attachments.
You can use a compression program to either reduce the size of a single attachment or combine several of them into one attachment. Depending on the nature of the attachment(s), its size can be reduced significantly. There are several compression programs that are available on the Internet - some are free.

If you routinely have to send a lot of files or a number of large files, you may want to contact your Internet Service Provider to gain access to an HTTP or FTP server. You can then send your addressees the location of the HTTP or FTP server, and they can download these files using FTP instead of clogging up email services with messages with large attachments.

4. Getting around the Internet

4.1. What is an IP address?

An Internet Protocol (IP) address is a binary number that is used to uniquely identify an Internet host. It does not provide geographical information. There are two versions of IP addresses in use on the Internet today - IPv4 and IPv6. IPv4, the older version, is a 32-bit number. It has been in use for many years, but as the Internet grew, concerns arose about there being enough addresses to go around, so the newer 128-bit IPv6 version was developed. IPv6 is in the early stages of use, so the Internet continues to use IPv4 addresses.

The 32-bit IPv4 address is divided into 4 bytes. In decimal notation each byte is separated by a dot so that a typical address looks like this: 192.168.202.7. The 128 bits of the IPv6 address are divided into eight (8) groups of 16 bits. The groups are separated by a colon and are written in hexadecimal notation. An IPv6 address looks like this: FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.

Thankfully users don't have to remember IP addresses to use the Internet - the Domain Name System (DNS) translates easily remembered names to addresses.

4.2. What is a packet?
The word "packet" may be used to reference any unit of transmittable information where the actual layer associated with the packet is either implicit or unimportant. A packet on the wire is properly referred to as a frame. A network layer (IP) packet is called a datagram (the name was coined by Jon Postel). A transport layer (TCP or UDP) packet is called a segment. The packet that the application hands to the network for transmission is called a packet.

4.3. What is a router?

A router is a device which forwards traffic between (sub)networks based on layer 3 (network layer) information. The routing decision is based on information maintained in routing tables, often constructed by routing protocols. Routers used to be referred to as gateways, which is currently too generic a term. Properly, a router is a layer-3 gateway. A bridge, by way of example, is a layer-2 gateway.

Routing is the process of determining the correct path for a packet. Forwarding is the process by which a packet is received on one interface and transmitted on another.

4.4. How are packets routed?

When a packet (more properly, a datagram) is received on a router's interface, its IP header is examined. If it fails any of several validity checks, it is discarded and an ICMP error message is (usually) sent to the originator of the datagram.

The datagram's destination address is then examined. If it specifies one of the router's local addresses, or it is a broadcast, it is delivered to the handler for the protocol specified in the header. If it is a multicast, it may be delivered locally (if the router is receiving that specific address). It may also be forwarded according to the set of rules or routing information governing that multicast address. If the datagram is for any other destination, the best path to that destination (more specifically, the next hop on the path) is determined and the packet is sent out the interface that leads to that next hop.
The determination of the best path (for unicast and multicast datagrams) is made based on information in the router's routing tables. That table is populated by configured information (e.g., static routes), or learned information from a routing protocol (e.g., RIP, OSPF, BGP-4). In most routers, routing information for unicast and multicast routes is kept in separate tables and populated using different routing protocols.

For unicast destinations, there are several types of routes: host, subnet, network, supernet and default. Each type of route is less specific than the one before it. For example, a host route specifies one and only one host (i.e., its subnet mask is 255.255.255.255), while a subnet route points to all of the hosts on a specific subnet. The default route specifies the path for a datagram for which no other type of route is available. This hierarchy is referred to as longest match because the preference is for routes which have longer (i.e., more 1-bits) subnet masks, the default route having a mask of 0.0.0.0.

4.5. What is DNS?

DNS is the Domain Name System. It is a mechanism by which host names can be converted (resolved) into Internet addresses. A Fully Qualified Domain Name (FQDN) has two parts: the hostname, which is unique within the domain; and the domain name, which is globally unique. For example, atlas.supports.world.com has "atlas" as a hostname and "supports.world.com" as a domain name.

The domain name is also made of multiple parts. In this example, "com" is the Top Level Domain (TLD), "world" is the domain assigned out of com, and "supports" is a sub-domain chosen by the owner of world. There may be zero or more sub-domains. The TLD is the space from which the domain is assigned. Contrary to popular belief, there are more domains than com.
Originally, "com" was used for vendors that created networking hardware and software; today, it has become the catchall for domain trash. Fortunately, the other domains (except, perhaps, "net" and "org") have managed to retain their original intents. "Net" is for service provider networks (e.g., ISPs). "Org" is for non-profit organizations. The other TLDs have far more rigid controls. "Edu" is for 4-year colleges (although some 2-year institutions were grandfathered in). "Mil" is the U.S. military, and "gov" is the U.S. government.

Two-letter TLDs are country codes (e.g., "us" for the United States, "au" for Australia). The sub-domains under the country domains are managed by their respective countries. In the U.S., for example, there is one sub-domain for each state (e.g., "ma.us" for Massachusetts, "ny.us" for New York).

4.6. How does DNS work?

The Domain Name System consists of a group of computers called name servers. These servers contain a special file called a zone file that contains the information necessary to resolve the names of the hosts in the domain into IP addresses or provide a reference to the location of the zone file for a subdomain. These servers are related to each other in the same hierarchical manner as the domains they support.

Names are resolved to numbers in the following manner: The application that is requesting the resolution of a name to an IP address contacts its local server. If the local server knows the answer, it provides it to the requestor. If it does not, it must seek the answer elsewhere. The search begins at the top of the DNS tree, the root. The local server asks the root server for the answer. The root server provides a partial answer, in that it will identify the servers for the TLD that contains the name. The local server then asks the TLD server for the answer. The TLD server provides a partial answer.
It identifies the servers for the subdomain of the TLD that contains the name. The search continues in a similar manner until the server that has the zone file that contains the entire name is located. This server then provides the IP number.

4.7. What is an intranet?

An intranet is a collection of networks that may or may not be connected to the Internet. Generally, an intranet is maintained and administered by an organization that may be a commercial firm or a government organization. If the intranet is connected to the Internet, it is usually done at selected points that control access from the intranet to the Internet and control access from the Internet to the intranet. Typically, only certain services such as email are permitted to flow across these control points.

4.8. What is Tunneling?

Tunneling is the term applied to establishing an end-to-end connection for the purpose of providing protected transfer of information across the Internet. One typical method of doing this is to encrypt packets at the transmission end and decrypt them at the reception end.

5. Security Considerations

5.1. How do I protect my personal information when I surf the Internet?

The ubiquitous nature of the Internet has resulted in widespread concern for the loss of personal privacy. Once your privacy is compromised, you cannot get it back. The US Federal Trade Commission (http://WWW.FTC.GOV) has established voluntary Fair Information Practices covering notice, consent, access and security. The FTC surveyed over 300 web sites that collect personal information and found that only 20 percent discussed all four elements. In a sample of more popular web sites, only 42 percent covered all four elements of privacy protection.
The FTC found that the bankrupt eCommerce vendor Toysmart violated the FTC Act by attempting to sell customer data after claiming that this data would never be disclosed to a third party.

Criminals can use your personal data to steal your identity and credit rating. The California Public Interest Research Group found that victims spent between two and four years removing an average of $18,000 in fraudulent card charges.

Reputable sites should tell you how they are protecting your information by adhering to the FTC's recommended practices. If any of their statements make you uncomfortable, leave the items blank or enter imaginary data. If you do enter your data, print the notice for your files in case it is violated.

5.2. What steps should I take to protect myself when shopping on the Internet?

Know the vendor you are dealing with. Only enter credit card information when using a secure connection to the merchant; look for the little padlock at the bottom of your web browser. US citizens should use a credit card because US law limits your liability for unauthorized charges to $50. Debit cards do not have such a limit. Use a credit card with a low credit limit. Check your credit history periodically with credit bureaus; thieves can open new accounts using your stolen personal data unbeknownst to you. The US Federal Trade Commission (http://www.ftc.gov) offers valuable additional suggestions for online shoppers.

6. References

[1] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996.

[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[3] Hambridge, S., "Netiquette Guidelines", RFC 1855, October 1995.

7. Authors' Addresses

Raymond Plzak
ARIN
4506 Daly Drive, Suite 200
Chantilly, VA 20151
Phone: +1.703.227.9850
Email: plzak@arin.net

Gary Malkin
Nortel Networks
600 Tech Park
Billerica, MA 01621
Phone: +1.978.288.3684
Email: gmalkin@nortelnetworks.com

Walter Houser
Program Coordination Staff (045APC)
Department of Veterans Affairs
810 Vermont Avenue
Washington DC 20420
Email: houser.walt@forum.va.gov

Full Copyright Statement

Copyright (C) The Internet Society (date). All Rights Reserved.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Plzak, Malkin, Houser                            Expires April 2002
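Added example for section 4.4 (not part of the original draft): the unicast forwarding decision and the longest-match rule, written out in Python. The routing table, next-hop addresses and the router's local address are constructed for illustration; multicast handling is left out.

```python
import ipaddress
from typing import NamedTuple, Optional

class Route(NamedTuple):
    prefix: str
    mask: str
    next_hop: str   # hypothetical next-hop address
    kind: str       # route type as named in section 4.4

# Constructed table, listed from least to most specific.
ROUTES = [
    Route("0.0.0.0",       "0.0.0.0",         "10.0.0.1", "default"),
    Route("192.168.0.0",   "255.255.0.0",     "10.0.0.2", "supernet"),
    Route("192.168.202.0", "255.255.255.0",   "10.0.0.3", "network"),
    Route("192.168.202.0", "255.255.255.192", "10.0.0.4", "subnet"),
    Route("192.168.202.7", "255.255.255.255", "10.0.0.5", "host"),
]

LOCAL_ADDRESSES = {"10.0.0.254"}   # constructed: the router's own address
BROADCAST = "255.255.255.255"

def to_int(addr: str) -> int:
    """Dotted-decimal IPv4 address or mask as a 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))

def one_bits(mask: str) -> int:
    """Number of 1-bits in a subnet mask (the 'length' in longest match)."""
    return bin(to_int(mask)).count("1")

def longest_match(dst: str, routes=ROUTES) -> Optional[Route]:
    """Among routes covering dst, return the one with the most 1-bits in its mask."""
    d = to_int(dst)
    hits = [r for r in routes
            if d & to_int(r.mask) == to_int(r.prefix) & to_int(r.mask)]
    return max(hits, key=lambda r: one_bits(r.mask), default=None)

def decide(dst: str, routes=ROUTES):
    """Forwarding decision for a datagram that already passed header checks."""
    if dst in LOCAL_ADDRESSES or dst == BROADCAST:
        return ("deliver-locally", None)
    route = longest_match(dst, routes)
    if route is None:               # no default route and nothing else matched
        return ("discard", None)
    return ("forward", route.next_hop)

if __name__ == "__main__":
    for dst in ("192.168.202.7", "192.168.202.20", "192.168.202.200",
                "192.168.9.9", "8.8.8.8", "10.0.0.254"):
        print(dst, decide(dst), getattr(longest_match(dst), "kind", None))
```

The default route matches every destination because its mask of 0.0.0.0 has no 1-bits, so it wins only when nothing more specific covers the address.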
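Added example for section 4.6 (not part of the original draft): a simplified in-memory model of the resolution walk from the local server through root, TLD and subdomain servers, using the draft's name atlas.supports.world.com. Server names, zone contents and addresses are constructed; there is no wire protocol or record expiry here.

```python
# Constructed zone data: each server either answers from its own zone file
# or refers the asker to the server for a subdomain.
ZONES = {
    "root-server": {"delegations": {"com": "com-server"}, "hosts": {}},
    "com-server": {"delegations": {"world.com": "world-server"}, "hosts": {}},
    "world-server": {
        "delegations": {"supports.world.com": "supports-server"},
        "hosts": {"www.world.com": "192.0.2.80"},
    },
    "supports-server": {
        "delegations": {},
        "hosts": {"atlas.supports.world.com": "192.0.2.10"},
    },
}

def ask(server: str, name: str):
    """One query to one name server: a full answer, a referral, or no such name."""
    zone = ZONES[server]
    if name in zone["hosts"]:
        return ("answer", zone["hosts"][name])
    # Prefer the most specific delegation that contains the name.
    for suffix in sorted(zone["delegations"], key=len, reverse=True):
        if name == suffix or name.endswith("." + suffix):
            return ("referral", zone["delegations"][suffix])
    return ("no-such-name", None)

def resolve(name: str, cache: dict, max_referrals: int = 8):
    """What the local server does: answer from what it knows, else walk from the root.

    Returns (address or None, list of servers consulted).
    """
    name = name.lower().rstrip(".")
    if name in cache:                      # "the local server knows the answer"
        return cache[name], ["local-cache"]
    server, path = "root-server", []
    for _ in range(max_referrals):         # bound the walk against referral loops
        path.append(server)
        kind, value = ask(server, name)
        if kind == "answer":
            cache[name] = value
            return value, path
        if kind == "no-such-name":
            return None, path
        server = value                     # partial answer: follow the referral
    raise RuntimeError("too many referrals for " + name)

if __name__ == "__main__":
    cache = {}
    print(resolve("atlas.supports.world.com", cache))
    print(resolve("atlas.supports.world.com", cache))   # second lookup hits the cache
    print(resolve("nohost.example.org", cache))
```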