Secure Sockets Layer: Difference between revisions
imported>Sandy Harris No edit summary |
imported>Sandy Harris No edit summary |
||
Line 1: | Line 1: | ||
'''Secure Sockets Layer (SSL)''' is an [[cryptography#two-way encryption|encrypted]] end-to-end [[protocol (computer)| protocol]] that runs between [[World Wide Web]] browsers (i.e., [[Hypertext Transfer Protocol]] *HTTP) clients) and Web servers. It was developed by Netscape, and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, [[Transport Layer Security]] (TLS) <ref name=RFC>{{citation | '''Secure Sockets Layer (SSL)''' is an [[cryptography#two-way encryption|encrypted]] end-to-end [[protocol (computer)| protocol]] that runs between [[World Wide Web]] browsers (i.e., [[Hypertext Transfer Protocol]] *HTTP) clients) and Web servers. It was developed by Netscape <ref name="schneierbook">{{citation | ||
| first = Bruce | last = Schneier | |||
| title = Applied Cryptography | |||
| date = 2nd edition, 1996, | |||
| publisher = John Wiley & Sons | |||
|ISBN =0-471-11709-9}}</ref>, and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, [[Transport Layer Security]] (TLS) <ref name=RFC>{{citation | |||
| id = RFC5246 | | id = RFC5246 | ||
| title = The Transport Layer Security (TLS) Protocol Version 1.2. | | title = The Transport Layer Security (TLS) Protocol Version 1.2. | ||
| author = T. Dierks, E. Rescorla | | author = T. Dierks, E. Rescorla | ||
| date = August 2008 | | date = August 2008 | ||
| url = http://www.ietf.org/rfc/rfc5246.txt | | url = http://www.ietf.org/rfc/rfc5246.txt}}</ref>, by the [[Internet Engineering Task Force]]. TLS is a derivative of SSL. | ||
From the standpoint of network architecture, it forms a "shim" between [[Transmission Control Protocol]] (TCP) and HTTP. "Sockets" refer to the programming interface used by the host and client application to communicate only when traffic has been encrypted before being sent to TCP, or decrypted after it is received. For cryptographic authentication and content protection, SSL uses public key software from RSA. | From the standpoint of network architecture, it forms a "shim" between [[Transmission Control Protocol]] (TCP) and HTTP. "Sockets" refer to the programming interface used by the host and client application to communicate only when traffic has been encrypted before being sent to TCP, or decrypted after it is received. For cryptographic authentication and content protection, SSL uses public key software from RSA. |
Revision as of 04:25, 15 December 2008
Secure Sockets Layer (SSL) is an encrypted end-to-end protocol that runs between World Wide Web browsers (i.e., Hypertext Transfer Protocol *HTTP) clients) and Web servers. It was developed by Netscape [1], and supported by Microsoft and other major vendors until the development of a functionally equivalent standard, Transport Layer Security (TLS) [2], by the Internet Engineering Task Force. TLS is a derivative of SSL.
From the standpoint of network architecture, it forms a "shim" between Transmission Control Protocol (TCP) and HTTP. "Sockets" refer to the programming interface used by the host and client application to communicate only when traffic has been encrypted before being sent to TCP, or decrypted after it is received. For cryptographic authentication and content protection, SSL uses public key software from RSA.
There is no charge for client-side access or noncommercial server use; Netscape does license the server side for commercial service.
References
- ↑ Schneier, Bruce (2nd edition, 1996,), Applied Cryptography, John Wiley & Sons, ISBN 0-471-11709-9
- ↑ T. Dierks, E. Rescorla (August 2008), The Transport Layer Security (TLS) Protocol Version 1.2., RFC5246