Secure Sockets Layer

SSL is an encryption technology for web host devices used to process secure transactions. For example, a secure transaction is required when a client enters their credit card number for e-commerce via their browser. When the end user enters a web address via an Internet browser, such as Internet Explorer, instead of entering HTTP://web address in the address window, the end user enters HTTPs://web address.

NOTE Secure Hypertext Transfer Protocol (S-HTTP) transports HTTP-based traffic over an SSL connection and provides a stronger authentication mechanism than HTTP.

S-HTTP is not the same as SSL or HTTPs. S-HTTP is covered in RFC 2660 and is significantly different from SSL. More details on S-HTTP and how it differs from SSL are provided at http:/ /www.ucs.mun.ca/~dgoudie/B8205/SSL.html.

HTTPs runs over TCP port 443. SSL is defined in RFC 2246.

The SSL Handshake Protocol was first developed by Netscape Communications Corporation to provide security and privacy over the World Wide Web. The SSL protocol supports server and client authentication. The SSL protocol is application-independent, allowing protocols like HTTP, FTP, and Telnet to be layered on top of it transparently. In other words, it is a session layer-based protocol. Cisco has developed a number of content-based switches to accelerate this communication, such as the Cisco SCA 11000 Series Secure Content Accelerator, an appliance-based solution that increases the number of secure connections supported by a website by offloading the processor-intensive tasks related to securing traffic with SSL. After an SSL session is established, no further authentication is required. Chapter 4, "Security Protocols," broadens this discussion on public security by discussing topics such as private and public keys, and how keys are exchanged through the Certificate Authority (CA) to ensure that SSL is secure.

0 0

Post a comment