Cobalt RaQ 4 User Manual
Appendix F: Glossary
Secure Sockets Layer (SSL)
Secure Sockets Layer is a program layer created by Netscape
Communications for managing the security of message transmissions in a
network. Netscape’s idea was that the programming for keeping your
messages confidential ought to be contained in a program layer between
higher-level protocols (such as HTTP or IMAP) and the TCP/IP layers of the
Internet. The “sockets” part of the term refers to the sockets method of
passing data between a client and a server program in a network or between
program layers in the same computer.
SSL allows an SSL-enabled server to authenticate itself to an SSL-enabled
client, allows the client to authenticate itself to the server, and allows both
machines to establish an encrypted connection.
These capabilities address fundamental concerns about communication over
the Internet and other TCP/IP networks:
• SSL server authentication allows a user to confirm the identity of a
server. SSL-enabled client software can use standard techniques of
public-key cryptography to check that a server’s certificate and public ID
are valid and have been issued by a certificate authority (CA) listed in the
client’s list of trusted CAs. This confirmation can be important if, for
example, the user is sending a credit card number over the network and
wants to check the receiving server’s identity.
• SSL client authentication allows a server to confirm a user’s identity.
Using the same techniques as those used for server authentication,
SSL-enabled server software can check that a client’s certificate and
public ID are valid and have been issued by a certificate authority (CA)
listed in the server’s list of trusted CAs. This confirmation can be
important if, for example, the server is a bank sending confidential
financial information to a customer and wants to check the recipient’s
identity.
• An encrypted SSL connection requires all information sent between a
client and a server to be encrypted by the sending software and decrypted
by the receiving software, thus providing a high degree of
confidentiality. Confidentiality is important for both parties to any
private transaction. In addition, all data sent over an encrypted SSL
connection is protected with a mechanism for detecting tampering—that
is, for automatically determining whether the data has been altered in
transit.
See also Authentication and Encryption.
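The server-authentication and client-authentication checks described above, as an added example that is not part of the Cobalt manual. It uses Python's standard ssl module (which implements TLS, the successor to SSL); the function names client_context, server_context and audit are hypothetical, and no certificates are loaded, so it audits settings rather than performing a handshake.

```python
import ssl


def client_context(verify_server=True):
    """Client side: decide whether the server's certificate is checked."""
    if verify_server:
        # Loads the platform's trusted-CA list and turns on both the
        # certificate-chain check and the hostname check.
        ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
        return ctx
    # Weak variant: traffic is encrypted, but the server's identity is
    # never confirmed, so the client cannot tell who it is talking to.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def server_context(require_client_cert=True):
    """Server side: optionally demand a certificate from every client."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if require_client_cert:
        # Assumption: a deployment would also call load_cert_chain() and
        # load_verify_locations() with its own certificate and CA files.
        ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def audit(ctx, role):
    """Return findings for a context used in the given role."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        who = "server is" if role == "client" else "clients are"
        findings.append("peer certificate not required: %s unauthenticated" % who)
    if role == "client" and not ctx.check_hostname:
        findings.append("hostname not checked against the certificate")
    return findings


if __name__ == "__main__":
    for label, ctx, role in [
        ("verifying client", client_context(), "client"),
        ("non-verifying client", client_context(False), "client"),
        ("mutual-auth server", server_context(True), "server"),
        ("server-auth-only server", server_context(False), "server"),
    ]:
        print(label, "->", audit(ctx, role) or "ok")
```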