Difference between revisions of "SSL Certificate"
| Line 2: | Line 2: | ||
'''SSL''' is the acronym for '''Secure Sockets Layer.''' It was designed to use applications that will allow users to securely send and receive data over the internet. SSL was developed by [[Netscape]] in 1994. The technology uses two protocols, the '''record protocol''' and '''handshake protocol''' to provide security between communicating applications (client and server). <ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm IBM HIstory of SSL]</ref> The technology is integrated in web browsers e-mail and instant messaging applications and other programs with encryption key given by a Certification Authority in the form of a digital certificate. The digital key is authenticated by the handshake protocol in one or both end points during the SSL connection. The handshake protocol will then set-up a unique symmetric key to generate keys that will encrypt and decrypt data to maintain a secure communications and data transfers between computers during SSL session.<ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm How SSL Works]</ref> | '''SSL''' is the acronym for '''Secure Sockets Layer.''' It was designed to use applications that will allow users to securely send and receive data over the internet. SSL was developed by [[Netscape]] in 1994. The technology uses two protocols, the '''record protocol''' and '''handshake protocol''' to provide security between communicating applications (client and server). <ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm IBM HIstory of SSL]</ref> The technology is integrated in web browsers e-mail and instant messaging applications and other programs with encryption key given by a Certification Authority in the form of a digital certificate. The digital key is authenticated by the handshake protocol in one or both end points during the SSL connection. The handshake protocol will then set-up a unique symmetric key to generate keys that will encrypt and decrypt data to maintain a secure communications and data transfers between computers during SSL session.<ref>[http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzain/rzainhistory.htm How SSL Works]</ref> | ||
| + | |||
| + | ==Basic Properties of SSL Protocol Channel Security== | ||
| + | Based on the Internet Draft submitted by Kipp E.B. Hickman of Netscape to the [[Internet Engineering Task Force|IETF]], the SSL protocol channel security is:<ref>[http://tools.ietf.org/html/draft-hickman-netscape-ssl-00 Internet Draft-SSL Protocol]</ref> | ||
| + | * Private- It uses Symmetric cryptography to encrypt data and define a secret key through a simple handshake. | ||
| + | * Authenticated- Asymmetric cryptography always authenticate the server endpoint of conversation while the client endpoint is optionally authenticated. | ||
| + | * Reliable- It uses Message Authentication Code (MAC) to check the message integrity and secure hash functions. | ||
==References== | ==References== | ||
Revision as of 18:15, 2 November 2011
SSL is the acronym for Secure Sockets Layer. It was designed to use applications that will allow users to securely send and receive data over the internet. SSL was developed by Netscape in 1994. The technology uses two protocols, the record protocol and handshake protocol to provide security between communicating applications (client and server). [1] The technology is integrated in web browsers e-mail and instant messaging applications and other programs with encryption key given by a Certification Authority in the form of a digital certificate. The digital key is authenticated by the handshake protocol in one or both end points during the SSL connection. The handshake protocol will then set-up a unique symmetric key to generate keys that will encrypt and decrypt data to maintain a secure communications and data transfers between computers during SSL session.[2]
Basic Properties of SSL Protocol Channel Security
Based on the Internet Draft submitted by Kipp E.B. Hickman of Netscape to the IETF, the SSL protocol channel security is:[3]
- Private- It uses Symmetric cryptography to encrypt data and define a secret key through a simple handshake.
- Authenticated- Asymmetric cryptography always authenticate the server endpoint of conversation while the client endpoint is optionally authenticated.
- Reliable- It uses Message Authentication Code (MAC) to check the message integrity and secure hash functions.