Nokia 9290 manual SSL and TLS, WAP security, Web browser, Reading and sending mail

Page 38

To enhance the security of PAP, CHAP, and MS-CHAP, some other authentication methods can be used when creating a network connection. If the method works with normal PAP or CHAP, it can be used with the Nokia 9290 Communicator. Other login schemes can be supported using a login script. Some of the alternatives are:

Callback system (supported PPP callback protocols: IETF type 0 [RFC 1570] and the Microsoft callback protocol)

Centralized security (authentication server configured based on RADIUS [RFC 2138] and TACACS [RFC 1492])

Multiple Passwords and one-time password schemes

Token-based security

10.5 SSL and TLS

The Nokia 9290 Communicator supports the SSLv3 (Secure Socket Layer) and TLSv1 (Transport Layer Security) protocols. These protocols are integrated in the socket interface, so third-party programs can easily use these protocols to offer secure Internet connections.

10.5.1 Web browser

Web URLs (addresses) that start with “https” are SSL-secured connections. The SSL connection is negotiated with the server and then the data is transferred over the encrypted connection. A small lock symbol is displayed as an indication that the connection is encrypted.

The encryption strength depends on the SSL server. The Nokia 9290 Communicator supports strong 128 bit encryption in SSL and TLS, but can downgrade its security to a lower level if the server is not capable of handling such strong encryption.

The authenticity of the Web server is determined by the help of certificates in the Certificate management tool. As discussed above in the software security chapter, the user can select which certificates are trusted and which are not. When connecting to a server, whose identity is certified by a trusted party, there will be no warning note. Other- wise, the user will be able to review the identification offered by the remote server. Some certification authority root certificates are factory-installed on the device; Nokia does not endorse any specific certification authority.

The HTTP (Hypertext Transfer Protocol) also provides a simple authentication protocol, which uses a username/ password pair. It can be used to authenticate the user to a remote server. This method can be used over the SSL for additional security.

10.5.2 Reading and sending mail

Access to remote mailboxes (IMAP and POP) and sending mail (SMTP) can also be secured using the SSL/TLS. You can request a secure connection by ticking the appropriate box in the settings.

In order to use secure connections with electronic mail, the mail server has to support the “starttls” command (IMAP, SMTP) or the “stls” command (POP).

Note: Sending electronic mail over a secure connection does not encrypt the mail itself, only the connection to the mail server. After the mail continues to its destination from the first mail server, it is not encrypted. This feature is most useful when accessing mail servers in a secure intranet through a public Internet service provider.

10.5.3 Supported encryption algorithms

The selection of algorithms depends on the protocol being used. It is advisable to avoid the use of “export-grade” algorithms (RC4 with 40 secret bits and DES) for security reasons. The Nokia 9290 Communicator supports the following cryptographic algorithms in SSL/TLS:

For server authentication and/or key exchange: RSA, DSA, and Diffie-Hellman

For data encryption: RC4™ (plus the “export” version with 40 secret bits), DES, and Triple-DES

10.6 WAP security

When using WAP for a data call, the dial-up security is the same as with Internet services. Please refer to the chapter above.

WAP uses an optional security layer called WTLS. This can be turned on in the settings, or the server can mandate it. WTLS security ends at the WAP gateway. Connections to the target server from the WAP gateway might not be encrypted.

WAP Forum specifies WTLS. The Nokia 9290 Communicator supports strong 128 bit encryption in WTLS, but is able to lower the security level if required by the server. The Nokia 9290 Communicator supports server authentication and key exchange using the RSA algorithm and data encryption using the RC5™ algorithm. The gateway is authenticated using certificates. Some certification authority root certifi- cates are factory-installed on the device; Nokia does not endorse any specific certification authority.

35

Image 38
Contents Nokia 9290 Communicator Page Chapter Page Introduction Contents Nokia 9290 CommunicatorTechnical specification GSM phone feature list Content of the sales package Optional Nokia original accessories To use the phoneApplications Messaging DeskTel 1 SMS3 Fax InternetContacts 1 WWWExtras CalendarOffice Other applications PC Connectivity Multimedia converter Upgrade softwareNokia 9290 Administrator Suite Nokia 9290 Communicator and Data Services Available connection speeds are IntroductionData call and high-speed data options Nokia 9290 Communicator and Internet Service Type in the Username for your Internet account Creating Internet connectionsConnection details Modifying data call settings Advanced settingsSetting proxies Taking callback into use Other settingsSetting script options Editing Internet access Setting server address optionsDefault parameters and settings Nokia 9290 Communicator and E-MAIL Service Mail settings GeneralAdvanced ServersRetrieve Press the Menu key to activate the Servers tabPCmail and Nokia 9290 Communicator Compatible e-mail systemsRFC Request for Comments documents Other solutionsSupported e-mail attachments Attachment type File extensions Mime Types Nokia 9290 Communicator and WAP Service Setting home Supported images, their suffixes, and MIME-typesConfiguring Non-supported feature sets Creating configuration messagesConfiguration over SMS only Further information and supportNokia 9290 Communicator and Security Software security Hardware and SIM card securityRadio interface security Internet and intranetWeb browser SSL and TLSWAP security Reading and sending mailForum Nokia Community for Developers Information for Symbian application developers Developing optimized WAP servicesNokia Developer ProPoint Third-party connectivity solutions You can find the Forum Nokia Web site atAbbreviation Abbreviation Shortcuts for the Nokia 9290 Communicator Shortcuts for the Nokia 9290 Communicator Shortcut FunctionSetup Checklist Setup checklist MailLegal Notices Nokia Inc 800-4MY-9290

9290 specifications

The Nokia 9290, launched in the early 2000s, is a remarkable device that marked a significant step in mobile technology. This smartphone is recognized for blending the features of a traditional mobile phone and a PDA (Personal Digital Assistant), making it an essential tool for professionals on the go.

One of the standout features of the Nokia 9290 is its unique design. It boasts a clamshell form factor that was ahead of its time, allowing users to protect the screen and keypad when not in use. Upon opening the device, users are greeted with a spacious and vibrant color display, which was a rarity for mobile devices of its era. The screen size at 800 x 600 pixels offered clear visibility of texts and images, improving user experience.

The Nokia 9290 supports a range of productivity tools, including a built-in calendar, task manager, and contacts application. It enables users to manage their schedules and keep track of important contacts seamlessly. This functionality is complemented by the ability to send and receive emails, a significant feature for business users of that time. The device utilizes the Symbian operating system, known for its multitasking capabilities, allowing users to switch between applications effortlessly.

Connectivity is another major aspect of the Nokia 9290. It supports GPRS, enabling users to enjoy mobile internet access, which was a groundbreaking feature back in the day. The device also included Bluetooth technology for wireless data transfer with compatible devices, though its wireless capabilities were limited compared to modern standards.

In terms of storage, the Nokia 9290 came with an internal memory of 4MB, expandable via the use of a Multimedia Card (MMC). This expansion capability allowed users to store documents, files, and multimedia, making it a versatile option for its time.

The Nokia 9290's battery life is commendable, providing extended use between charges. With a talk time of up to 6 hours and a standby time of up to 200 hours, users could rely on its stamina during long workdays.

Overall, the Nokia 9290 encapsulated the essence of early mobile computing, marrying phone functionality with the utility of PDA features. Its combination of design, features, and connectivity options made it a standout device that paved the way for future smartphones and remains a nostalgic piece of technology history.