User manual

Glossary
Secure Sockets Layer (SSL)
Secure Sockets Layer is a program layer created by Netscape
Communications for managing the security of message transmissions in
a network. Netscape’s idea was that the programming for keeping your
messages confidential ought to be contained in a program layer between
higher-level protocols (such as HTTP or IMAP) and the TCP/IP layers
of the Internet. The “sockets” part of the term refers to the sockets
method of passing data between a client and a server program in a
network or between program layers in the same computer.
SSL allows an SSL-enabled server to authenticate itself to an
SSL-enabled client, allows the client to authenticate itself to the server,
and allows both machines to establish an encrypted connection.
These capabilities address fundamental concerns about communication
over the Internet and other TCP/IP networks:
SSL server authentication allows a user to confirm the identity of a
server. SSL-enabled client software can use standard techniques of
public-key cryptography to check that a server's certificate and
public ID are valid and have been issued by a certificate authority
(CA) listed in the client’s list of trusted CAs. This confirmation can
be important if, for example, the user is sending a credit card
number over the network and wants to check the receiving server's
identity.
SSL client authentication allows a server to confirm a user's
identity. Using the same techniques as those used for server
authentication, SSL-enabled server software can check that a
client’s certificate and public ID are valid and have been issued by a
certificate authority (CA) listed in the server's list of trusted CAs.
This confirmation can be important if, for example, the server is a
bank sending confidential financial information to a customer and
wants to check the recipient’s identity.
An encrypted SSL connection requires all information sent between
a client and a server to be encrypted by the sending software and
decrypted by the receiving software, thus providing a high degree
of confidentiality. Confidentiality is important for both parties to
any private transaction. In addition, all data sent over an encrypted
SSL connection is protected with a mechanism for detecting
tampering — that is, for automatically determining whether the
data has been altered in transit.
See also Authentication and Encryption.
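
The server and client authentication described above come down to a few settings on each endpoint. The following is an added example, not part of this manual or its product: it assumes Python's standard ssl module (which negotiates TLS, the successor to SSL), and the function names are hypothetical.

```python
import ssl

def client_context():
    # Server authentication: the peer certificate must chain to a CA in the
    # client's trusted list and must match the host name being contacted.
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH)

def server_context(require_client_cert=True):
    # Client authentication is off by default on a server context.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if require_client_cert:
        ctx.verify_mode = ssl.CERT_REQUIRED
        # A deployed server would also load its own certificate and key
        # (load_cert_chain) and its trusted CA list (load_verify_locations).
    return ctx

def weak_client_context():
    # Constructed counter-example: the link is still encrypted, but the
    # client never confirms who is on the other end.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit(ctx, role):
    """Return findings for a context used in the given role ('client' or 'server')."""
    peer = "server" if role == "client" else "client"
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append(f"{peer} certificate is not verified: no {peer} authentication")
    elif ctx.verify_mode == ssl.CERT_OPTIONAL:
        findings.append(f"{peer} certificate is optional: unauthenticated peers are accepted")
    if role == "client" and not ctx.check_hostname:
        findings.append("server host name is not checked against its certificate")
    return findings

if __name__ == "__main__":
    for name, ctx, role in [
        ("default client", client_context(), "client"),
        ("weak client", weak_client_context(), "client"),
        ("server, client cert required", server_context(True), "server"),
        ("server, no client auth", server_context(False), "server"),
    ]:
        print(name, "->", audit(ctx, role) or "ok")
```

A server that does not require client certificates is the normal configuration for public web sites; the audit reports it only so that the absence of client authentication is a visible choice.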