xx Contents Using the <img> Tag 261 Using the <a> Tag 262 Using the <form> Tag 263 Using the <select> Tag 263 Using the <input> Tag 264 Web Clipping Extensions 266 Palm-Specific <meta> Tags 268 Identifying Users with a Device ID 268 Estimating User Location by ZIP Code 270 Selecting a Date with the Datepicker Object 270 Choosing a Date with the Timepicker Object 272 Web Clipping in Action: Examples 274 Using a mailto: Link with Parameters 274 Sending E-mail via a Web Server 276 Guidelines for Authoring your Web Clipping Application 281 Summary 283 Solutions Fast Track 283 Frequently Asked Questions 286 Chapter 7 Deck of Cards: Designing Small Viewpoint Content 289 Introduction 290 Thinking In the Hand, not On the Web 291 Common Mistakes Made by Webmasters 293 Wasting Bandwidth 293 Forgetting Task-Based Design 294 Providing Too Many Options or Too Much Information 295 Using Branded Terminology Instead of Plain Language 296 Thinking Like a Mobile User 297 Segregating Tasks 298 Optimizing Bandwidth 299 Designing Coherent Navigation 303 Avoiding the Common Mistakes Made by Webmasters Some of the more common mistakes made by Webmasters include: ■ Wasting bandwidth ■ Forgetting task-based design ■ Providing too many options or too much information ■ Using branded, Web- like terminology instead of plain language 159_wg_wi_TOC 10/23/01 3:08 PM Page xx Contents xxi Stacking a Deck of Cards 304 Parceling Navigation and Content 305 Utilizing WML Variables 314 Examining Display Differences Between Browsers 320 UP.Browser Interpretation 323 Nokia Interpretation 325 4thPass Kbrowser Interpretation 327 Directory.wml Example 328 Directory2.wml Example 329 Summary 332 Solutions Fast Track 333 Frequently Asked Questions 334 Chapter 8 Wireless Enabling Your Big Bandwidth Site 337 Introduction 338 Defining WAP MIME Types 338 Selecting which MIME Types to Add 339 Adding MIME Types to Your Server Configuration 340 Configuring the Apache Web Server 341 Adding MIME Types to Microsoft IIS 343 Detecting WAP Devices 344 Parsing Header Information 344 HTTP_USER_AGENT 345 HTTP_ACCEPT 349 Reading Other Environmental Variables 350 Redirecting Your Users to Static Content 352 Redirecting Users in PHP 353 Redirecting Users in Perl 353 Optimizing Content Distribution 356 Choosing Mobile Content 357 Convert or Redevelop? 357 Delivering Wireless Data 359 Making Your Applications Accessible 360 Implementing Wireless Graphics 362 Choosing Mobile Content One of the first steps to building any site is choosing what content to display on the site. The primary questions that arise in adapting a large existing site to the wireless Internet are: 1. What content/services might our users want to access while they are mobile? 2. What limitations are there to the existing mobile interfaces that we must consider? 159_wg_wi_TOC 10/23/01 3:08 PM Page xxi xxii Contents File Formats 362 Maintaining Accessibility 363 Converting Your Images 363 Summary 364 Solutions Fast Track 364 Frequently Asked Questions 366 Chapter 9 Microsoft Mobile Internet Toolkit 367 Introduction 368 Overview of the .NET Mobile Architecture 368 Devices Supported by the Microsoft Mobile Internet Toolkit 369 System Requirements 369 Obtaining and Installing the Microsoft Mobile Internet Toolkit 370 Introduction to ASP.NET 371 The Content Components 376 HTML Server Controls 377 ASP.NET Server Controls 377 The Code Components 378 ASP.NET Architecture 380 Developing Mobile Web Forms 381 Using Multiple Forms in a Single Page 385 Linking to Forms on Other Pages 386 Dissecting Code 388 User Inputs 389 Text and Password Input 389 List Selection 393 Selecting from a List 394 Data Binding List Items 396 Dissecting the Codes 399 Events 400 Displaying Images 401 Validation Controls 405 Paginations 407 Calendar Control 409 The Architecture of ASP.NET Web Clients Internet Information Server (IIS) ASP.NET Application .NET Framework Windows NT/2000 OS 159_wg_wi_TOC 10/23/01 3:08 PM Page xxii Contents xxiii Accessing Data with ADO.NET 411 A Brief Look at ADO.NET 411 Data Providers 412 ADO.NET DataReader 414 Dissecting the Codes 415 ADO.NET Dataset 417 Summary 423 Solutions Fast Track 423 Frequently Asked Questions 426 Chapter 10 Securing Your Wireless Web 429 Introduction 430 Comparing Internet and Wireless Security 431 Security Challenges of the Wireless Web 433 Lack of Standards 434 Horsepower, Bandwidth, and Weak Encryption 434 User Awareness and Unsecure Devices 435 Mistrust of Wireless ASPs 436 Potential for New Viruses 436 Understanding Your Security Objectives 437 Security Models of the Wireless Web 438 Public and Private Key Cryptography 439 WTLS and Point-to-Point Security Models 442 How WTLS Works 443 WTLS Classes 444 The WAP Gap 444 The Seven Layers of Point-to-Point Security 446 Embedded Security Technology 447 Mobile Operator Network Security 448 Secure Mobile Operator Gateways 448 Authentication 448 Data Center and Network Security 449 Secure Application Interfaces 452 Problems of a Point-to-Point Security Model 452 Sniffing and Spoofing 452 Session Management and URL Rewriting 453 Understanding the Seven Layers of Point- to-Point Security Point-to-point security can be broken down into seven layers, corresponding to the steps in the communication path between mobile devices and Web servers or applications: 1. Embedded Security Technology 2. Secure Air-Connect Technologies 3. Mobile Operator Network Security 4. Secure Mobile operator Gateways 5. Authentication 6. Data Center and Network Security 7. Secure Application Interfaces 159_wg_wi_TOC 10/23/01 3:08 PM Page xxiii xxiv Contents Man-in-the-Middle Attack 453 No Complete Solution 454 PKI Technology and End-to-End Security Models 454 How to Deploy a PKI 456 Server Side PKI Integration 456 Client Side Devices 456 Choosing a Certificate Authority 456 Certificate Management Framework 457 Certificate Deployment 457 Practical Limits of PKI Technology 457 Using PDAs with PKI Security 458 The Future of Security on the Wireless Web 458 Summary 460 Solutions Fast Track 461 Frequently Asked Questions 464 Webmaster’s Guide to the Wireless Internet Fast Track 467 Index 489 159_wg_wi_TOC 10/23/01 3:08 PM Page xxiv Over the past several decades, advances in computing technology have created widespread changes in the way that the world operates and the means by which we deal with information. Computing has revolutionized the way that business is done, bills are accounted for, and how records are stored.The invention of the underlying sets of protocols to enable communication between computers in the early 1970s and the advent of the personal computer in the 1980s, has helped to sow the seeds for the most recent communications revolution—the Internet. In the mid-1990s, as the World Wide Web matured to include graphics and multimedia components and more and more individuals gained access to affordable computers and Internet accounts, the popularity of the Internet exploded and the number of Web sites and people online grew at an exponential rate. Since then, many Web sites have come and gone and use of the Internet is something that many people in the United States take for granted. In the case of individuals whose livelihood is enabled by the Internet, such as Webmasters, it is something that we cannot live without. We have also seen, over the past two decades, widespread adoption of mobile devices that are capable of enabling communication. Cellular phones are now being used by millions of individuals worldwide, and, in some areas, mobile phones are more reliable and used more often than land-based telephone communications sys- tems. Recently, many phones and other handheld devices now have the ability to access the Internet and send messages between subscribers.These capabilities often include e-mail and the ability to send and receive data via the Hypertext Transfer Protocol (HTTP), although not all of these devices can view the type of HTML that has been associated with the World Wide Web of recent years.The advent of ubiqui- tous mobile Internet computing promises to be another revolution in the ways that human beings interact with each other, manage information, and interact with data applications.This revolution also promises a new landscape in which Webmasters may apply their skills and learn some new ones. xxv Foreword 159_wg_wi_fore 10/23/01 3:09 PM Page xxv xxvi Foreword One common characteristic that most handheld wireless devices share, regardless of the device category, is a relative lack of processing power, memory, and display capabilities as compared to a desktop computer.Wireless networks, in addition, fea- ture a mere trickle of bandwidth compared with a modem, let alone a DSL or T1 connection. It is very important to keep these constraints in mind as you build your content and applications. Furthermore, your wireless users will most likely be accessing your Web site while they are mobile.This fact makes it imperative for you to consider the needs of a mobile user as you consider what types of content you should make available, or what kinds of applications make sense for a mobile user.Also, your user interface should take into account the small viewpoint of the devices that will be accessing your Web site and should also consider the difficulty that often exists with user input on these devices. Webmaster’s Guide to the Wireless Internet is intended to give you, the Webmaster, the skills and knowledge that you will need to add wireless Internet capability to your existing Web site, to build new wireless applications, and to help you understand the issues, both global and domestic, that exist with deploying wireless Internet solu- tions.The primary geographical focus of this book is the United States, but Webmasters in other countries will certainly find the information useful. Webmaster’s Guide to the Wireless Internet is not a lengthy work on the wide variety of protocols that are used to deploy wireless technologies, nor does it focus unnecessarily on the minute details of emerging technologies that are volatile in nature and constantly changing. Rather, it focuses on hands-on examples that will allow you to adapt your existing skills in HTML and server-side scripting to deploy content and applications to a wireless audience using WML,WMLScript, and, in some cases, lean HTML.This book is intended to demystify the wireless landscape and provide you with answers on how to get your wireless Web site up and running quickly. Chapter 1 covers the basics of what makes up the wireless Internet, and how it contrasts with the World Wide Web. Chapter 2 covers the basic architecture of the wireless architecture and provides a comprehensive overview of the components of the wireless Internet and how they fit together. Chapter 3 explains the nuts and bolts of the Wireless Markup Language, the client-side, XML-based markup language that allows devices using the Wireless Application Protocol (WAP) to display Internet content.This chapter will give you an understanding of how this language differs from HTML and will give you the skills to start building your own wireless content. www.syngress.com 159_wg_wi_fore 10/23/01 3:09 PM Page xxvi Foreword xxvii Chapter 4 explains how to add client-side scripting to your WML pages. WMLScript is loosely based on ECMAScript, which is the language that gave rise to both JavaScript and Jscript. Users familiar with these scripting languages will notice a similar syntax and structure, but the means of deployment will differ. Depending on the market in which you want to deploy your content, you may or may not be able to make much real-world use of WMLScript. Chapter 5 explains how to install and use the many Software Development Kits (SDKs) supplied by wireless browser programmers and handset manufacturers to pro- vide you with an emulator and debugger to develop your content or application. Chapter 6 provides an introduction to the proprietary system that allows users of Palm-powered handheld devices to access content located on the Internet.This chapter will give you the information that you will need to start building Web Clipping Applications (WCAs).These special HTML-based applications can be inte- grated with local applications or interact with Web servers located on the Internet. Chapter 7 explains the issues surrounding usability on wireless devices.This chapter will help you build effective small-viewpoint navigation and give you some handy tips on how to make your wireless site more user-friendly by working within the constraints of narrow bandwidth and limited user input. Chapter 8 will give you information and guidelines on how to add wireless capa- bilities to your existing Web site and choose content that is of interest to mobile users. It also covers how to detect wireless devices and discusses the issues sur- rounding automated or on-the-fly conversion of your content for wireless users. Chapter 9 explains how you can use the Microsoft Mobile Internet Toolkit and Mobile Web Forms to deploy content to a wide variety of devices using the same code. It covers how you can maintain state during a wireless or Web transaction and how you can integrate Microsoft’s ActiveX Data Object (ADO) technology to pro- vide interfaces to your data to many different devices. Chapter 10 discusses the technology used to provide secure transactions for wire- less devices and covers the issues surrounding security as it applies within the wireless landscape. Point-to-point and end-to-end security models and the various pitfalls surrounding both models are discussed. The wireless revolution, like any revolution, is not without its challenges.The global market for wireless Internet technologies is highly diverse, with different rates of adoption, competing protocols and technologies, and existing infrastructures that are in some cases more economical to use in the short term than building a new global wireless communications architecture.At present in the United States, there www.syngress.com 159_wg_wi_fore 10/23/01 3:09 PM Page xxvii xxviii Foreword exists a fragmented landscape of telecommunications companies that offer mobile phone service and not all of them are yet capable of offering wireless Internet access (but most are). In Europe, standardized networks and compatible handsets have enabled the wireless Internet to become popular very quickly.Asia has seen similar growth in the use of the wireless Internet, most notably in Japan with NTT/DoCoMo’s iMode system. Many individuals in these markets find that the wireless Internet is an indispensable part of their lives, while the U.S. market has been slow to adopt the technology.There are many reasons for this, including legacy hand- sets, widespread Internet access via personal computers, and a telecommunications market that features competing incompatible protocols and technologies. This book, while comprehensively covering the technologies that already exist on the wireless Internet (and the general principles behind them), does not attempt to address developing technologies that are not yet deployed.There has recently been much speculation and hype about so-called third generation, or 3G networks, which are “just around the corner.” In addition, handset manufacturers have promised many new developments in wireless technology, and, in particular, location-based services. These dreams, at the time of this writing, are not yet a reality. However, the wireless Internet is up and running and more subscribers join in every day.The future certainly promises to be interesting, and Webmaster’s Guide to the Wireless Internet holds much value for Webmasters who wish to add the ability to develop wireless-accessible Web sites to their toolkit.The first step to the future begins today, and we can only expect that the number of mobile devices that are capable of accessing the Internet will grow as time progresses. It’s your job to make sure that there is something worthwhile for individuals to access on the wireless Internet, and this book provides the hands-on examples and explanations that will allow you to do so! —Dan A. Olsen Technical Editor and Contributor www.syngress.com 159_wg_wi_fore 10/23/01 3:09 PM Page xxviii Moving from the Web to Wireless Solutions in this chapter: ■ Explaining Wireless ■ Types of Wireless Connectivity ■ Evolving Mobile Devices ■ Something Old, Something New ■ Moving from a Wired to a Wireless Internet Summary Solutions Fast Track Frequently Asked Questions Chapter 1 1 159_wg_wi_01 10/22/01 4:31 PM Page 1 . 32 7 Directory.wml Example 32 8 Directory2.wml Example 32 9 Summary 33 2 Solutions Fast Track 33 3 Frequently Asked Questions 33 4 Chapter 8 Wireless Enabling Your Big Bandwidth Site 33 7 Introduction 33 8 Defining. Guide to the Wireless Internet is intended to give you, the Webmaster, the skills and knowledge that you will need to add wireless Internet capability to your existing Web site, to build new wireless. architecture of the wireless architecture and provides a comprehensive overview of the components of the wireless Internet and how they fit together. Chapter 3 explains the nuts and bolts of the Wireless