What is SSL?
The SSL (Secure Sockets Layer) Handshake Protocol [Hic95] was
developed by Netscape Communications Corporation to provide
security and privacy over the Internet. The protocol supports
server and client authentication. The SSL protocol is application
independent, allowing protocols like HTTP (HyperText Transfer
Protocol), FTP (File Transfer Protocol), and Telnet to be layered
on top of it transparently. Still, SSL is optimized for HTTP;
for FTP, IPSec (see Question 5.1.4) might be preferable. The
SSL protocol is able to negotiate encryption keys as well as
authenticate the server before data is exchanged by the higher-level
application. The SSL protocol maintains the security and integrity
of the transmission channel by using encryption, authentication
and message authentication codes.
The SSL Handshake Protocol consists of two phases: server authentication
and an optional client authentication. In the first phase, the
server, in response to a client's request, sends its certificate
and its cipher preferences. The client then generates a master
key, which it encrypts with the server's public key, and transmits
the encrypted master key to the server. The server recovers
the master key and authenticates itself to the client by returning
a message authenticated with the master key. Subsequent data
is encrypted and authenticated with keys derived from this master
key. In the optional second phase, the server sends a challenge
to the client. The client authenticates itself to the server
by returning the client's digital signature on the challenge,
as well as its public-key certificate.
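
The first phase described above, as an added Python example that is not taken from the SSL specification or from Netscape's code: the client encrypts a master key to the server's public key, and only a server holding the matching private key can return a valid authenticated message. The toy unpadded RSA key, the HMAC-SHA256 stand-in for SSL's MAC, the client nonce, and all function names and labels are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key built from two Mersenne primes; unpadded, illustration only.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # server's private exponent
MOD_LEN = (N.bit_length() + 7) // 8

def derive(master: bytes, label: bytes) -> bytes:
    """Derive a separate key per purpose from the master key (hypothetical KDF)."""
    return hmac.new(master, label, hashlib.sha256).digest()

def client_key_exchange(n: int, e: int):
    """Client: generate a master key and encrypt it with the server's public key."""
    master = secrets.token_bytes(16)
    return master, pow(int.from_bytes(master, "big"), e, n)

def server_recover(ciphertext: int, d: int = D) -> bytes:
    """Server: recover the master key with its private key."""
    return pow(ciphertext, d, N).to_bytes(MOD_LEN, "big")[-16:]

def server_verify(master: bytes, nonce: bytes) -> bytes:
    """Server: authenticate itself with a message MACed under a derived key."""
    key = derive(master, b"server-mac")
    return hmac.new(key, b"server-verify" + nonce, hashlib.sha256).digest()

def handshake(server_d: int = D) -> bool:
    """Run phase one; True when the client accepts the server's proof."""
    nonce = secrets.token_bytes(16)                 # assumed: sent in the client's request
    master, ciphertext = client_key_exchange(N, E)  # N, E come from the certificate
    tag = server_verify(server_recover(ciphertext, server_d), nonce)
    # Client recomputes the expected tag from its own copy of the master key.
    return hmac.compare_digest(tag, server_verify(master, nonce))

if __name__ == "__main__":
    print("genuine server accepted:", handshake())
    print("server without the private key accepted:", handshake(server_d=D + 2))
```

A party that presents the server's certificate but lacks the private key recovers a different master key, so its authenticated message fails the client's check.
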
A variety of cryptographic algorithms are supported by SSL.
During the "handshaking" process, the RSA public-key cryptosystem
(see Section 3.1) is used. After the exchange of keys, a number
of ciphers are used. These include RC2 (see Question 3.6.2),
RC4 (see Question 3.6.3), IDEA (see Question 3.6.7), DES (see
Section 3.2), and triple-DES (see Question 3.2.6). The MD5 message-digest
algorithm (see Question 3.6.6) is also used. The public-key
certificates follow the X.509 syntax (see Question 5.3.3).
For more information on SSL 3.0, see http://home.netscape.com/eng/ssl3/index.html.
TLS (Transport Layer Security) is a protocol that is based
on and very similar to SSL 3.0; for more information about TLS
1.0, see ftp://ftp.isi.edu/in-notes/rfc2246.txt.
We should also mention WTLS (Wireless TLS), which specifies
the security layer protocol in WAP (Wireless Application Protocol);
WAP is the de facto standard for the delivery and presentation
of information to wireless devices such as mobile phones and
pagers. WTLS is very similar to TLS but optimized for low-bandwidth
bearer networks. For more information on WAP and WTLS, see http://www.wapforum.org/what/technical.htm.