Home page logo

basics logo Security Basics mailing list archives

Re: SSL workings
From: Creed Erickson <creed () mac com>
Date: Tue, 2 Dec 2003 21:29:36 -0800

SSL provides a generic channel security mechanism on top of TCP. Any protocol that can be carried over TCP can be secured by SSL. Provided are server authentication, encryption, and message integrity checking. Optionally, the client can be cryptographically authenticated.

The SSL APIs mimic the familiar socket interface APIs, but you must use the SSL calls. SSL will not secure a transport (socket) opened using the standard non-secure socket interfaces.

For an excellent discussion of SSL, see "SSL and TLS" by Eric Rescorla, Addison Wesley, 2001 ISBN 02016155983


On Tuesday, December 2, 2003, at 09:18  AM, trystano () aol com wrote:

Can some please highlight exactly how SSL works. I know it encrypts data sent between a client and a server and uses authentications through use of certificates etc.

But does it secure the a socket/port out of which the data is being transffered. Does SSL send data through a different port that normal unprotected data transfers?

Sorry if this sounds kind of beginner like :-s



----------------------------------------------------------------------- ---- ----------------------------------------------------------------------- -----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]