User manual

Chapter 4: Site Management
Cobalt RaQ 4 User Manual
SSL settings
The RaQ 4 Administrator can administer the RaQ 4 through
a Secure Sockets Layer (SSL) connection. SSL is provided
with 128-bit encryption and offers a secure Web connection
to the end user. The implementation of SSL on the RaQ 4 is
based on mod_ssl and BSAFE cryptographic software from RSA
Security.
A secure connection means two things: encryption and authentication.
Encryption ensures that no one can snoop on the connection between the browser
and the RaQ 4; authentication assures the client, through a certificate, that the
server is who it says it is. The security is assured on two levels.
At the network level, the first time the browser connects to a server, the browser
stores the server’s certificate. This is the encryption part of the secure connection.
Each time the browser “thinks” that it is communicating with this same server, it
verifies that the same certificate is being used for the secure connection.
At a higher level, a server’s certificate is “signed” by a trusted external authority
that the browser knows about, such as VeriSign. This is the authentication part of
the secure connection. The server information (country, state, city, organization)
is encoded into the certificate and certificate request. The external authority signs
your request and guarantees that your server information is legitimate.
For example, if a Web site sends a signed certificate saying that it comes from
Cobalt Networks in Mountain View, California, United States, the end user can
trust (due to the signed certificate from the external authority) that this Web site is
indeed run by this company located in this city.
A self-signed certificate is a certificate that has not been signed by an external
authority. A self-signed certificate simply ensures that an encrypted Web
connection is in place; it does NOT provide authentication to a user that the
server is who it says it is.
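
The two levels described above can be checked against a certificate's raw bytes. The following Python code is an added example, not part of the RaQ 4 software or of the original manual: it compares a certificate's fingerprint with a previously stored one and reports whether the issuer name equals the subject name, which is how a self-signed certificate presents itself. The function names, the host name raq4.example and "Example CA" are assumptions, the sample certificates are constructed unsigned skeletons, and the name comparison does not verify any signature.

```python
import hashlib

def read_tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def issuer_and_subject(cert_der):
    """Return the raw DER Name fields (issuer, subject) of an X.509 certificate."""
    _, pos, _ = read_tlv(cert_der, 0)      # outer Certificate SEQUENCE
    _, pos, end = read_tlv(cert_der, pos)  # TBSCertificate SEQUENCE
    fields = []
    while pos < end:
        tag, _, nxt = read_tlv(cert_der, pos)
        fields.append((tag, cert_der[pos:nxt]))
        pos = nxt
    if fields[0][0] == 0xA0:               # optional [0] version field
        fields.pop(0)
    return fields[2][1], fields[4][1]      # serial, sig alg, ISSUER, validity, SUBJECT

def assess(cert_der, stored_sha256=None):
    """Apply both levels: same certificate as stored, and who issued it."""
    issuer, subject = issuer_and_subject(cert_der)
    fingerprint = hashlib.sha256(cert_der).hexdigest()
    return {
        "fingerprint": fingerprint,
        "same_as_stored": None if stored_sha256 is None else fingerprint == stored_sha256,
        "self_issued": issuer == subject,  # no external authority named as signer
    }

# --- constructed sample input: unsigned certificate skeletons, not real certificates ---
def _der(tag, *parts):
    body = b"".join(parts)
    assert len(body) < 128                 # short-form lengths suffice for the samples
    return bytes([tag, len(body)]) + body

def _name(cn):                             # Name holding one commonName attribute
    return _der(0x30, _der(0x31, _der(0x30, _der(0x06, b"\x55\x04\x03"), _der(0x13, cn))))
def sample_cert(issuer_cn, subject_cn):
    alg = _der(0x30, _der(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"), _der(0x05))
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")), _der(0x02, b"\x01"), alg,
               _name(issuer_cn), _der(0x30), _name(subject_cn), _der(0x30))
    return _der(0x30, tbs, alg, _der(0x03, b"\x00"))
SELF_SIGNED = sample_cert(b"raq4.example", b"raq4.example")
CA_ISSUED = sample_cert(b"Example CA", b"raq4.example")
```
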
For more information on authentication, encryption and SSL, refer to
Appendix F, “Glossary”.