Secure Sockets Layer: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Howard C. Berkowitz
No edit summary
imported>Sandy Harris
No edit summary
Line 1: Line 1:
{{subpages}}
{{subpages}}
'''Secure Sockets Layer (SSL)''' is an  [[cryptography#two-way encryption|encrypted]] end-to-end [[protocol (computer)| protocol]] that runs between [[World Wide Web]] browsers (i.e., [[Hypertext Transfer Protocol]] *HTTP) clients) and Web servers. It was developed by Netscape <ref name="schneierbook">{{citation  
'''Secure Sockets Layer (SSL)''' is an  [[cryptography#two-way encryption|encrypted]] end-to-end [[protocol (computer)| protocol]] that runs between [[World Wide Web]] browsers (i.e., [[Hypertext Transfer Protocol]] *HTTP) clients) and Web servers. It was developed by Netscape
<ref name="schneierbook">{{citation  
  | first = Bruce | last = Schneier
  | first = Bruce | last = Schneier
  | title = Applied Cryptography
  | title = Applied Cryptography
  | date = 2nd edition, 1996,  
  | date = 2nd edition, 1996,  
  | publisher = John Wiley & Sons
  | publisher = John Wiley & Sons
  |ISBN =0-471-11709-9}}</ref>, and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, [[Transport Layer Security]] (TLS) <ref name=RFC>{{citation
  |ISBN =0-471-11709-9}}</ref>, and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, [[Transport Layer Security]] (TLS)
<ref name=RFC>{{citation
  | id = RFC5246  
  | id = RFC5246  
  | title = The Transport Layer Security (TLS) Protocol Version 1.2.  
  | title = The Transport Layer Security (TLS) Protocol Version 1.2.  

Revision as of 23:29, 1 March 2010

This article is developing and not approved.
Main Article
Discussion
Definition [?]
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Secure Sockets Layer (SSL) is an encrypted end-to-end protocol that runs between World Wide Web browsers (i.e., Hypertext Transfer Protocol *HTTP) clients) and Web servers. It was developed by Netscape [1], and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, Transport Layer Security (TLS) [2], by the Internet Engineering Task Force. TLS is a derivative of SSL.

From the standpoint of network architecture, it forms a "shim" between Transmission Control Protocol (TCP) and HTTP. "Sockets" refer to the programming interface used by the host and client application to communicate only when traffic has been encrypted before being sent to TCP, or decrypted after it is received. For cryptographic authentication and content protection, SSL uses public key software from RSA.

There is no charge for client-side access or noncommercial server use; Netscape does license the server side for commercial service.

References

  1. Schneier, Bruce (2nd edition, 1996,), Applied Cryptography, John Wiley & Sons, ISBN 0-471-11709-9
  2. T. Dierks, E. Rescorla (August 2008), The Transport Layer Security (TLS) Protocol Version 1.2., RFC5246