Security Basics mailing list archives
Re: SSL workings
From: Creed Erickson <creed () mac com>
Date: Tue, 2 Dec 2003 21:29:36 -0800
SSL provides a generic channel security mechanism on top of TCP. Any protocol that can be carried over TCP can be secured by SSL. Provided are server authentication, encryption, and message integrity checking. Optionally, the client can be cryptographically authenticated.
The SSL APIs mimic the familiar socket interface APIs, but you must use the SSL calls. SSL will not secure a transport (socket) opened using the standard non-secure socket interfaces.
For an excellent discussion of SSL, see "SSL and TLS" by Eric Rescorla, Addison Wesley, 2001 ISBN 02016155983
HTH. On Tuesday, December 2, 2003, at 09:18 AM, trystano () aol com wrote:
Can some please highlight exactly how SSL works. I know it encrypts data sent between a client and a server and uses authentications through use of certificates etc.But does it secure the a socket/port out of which the data is being transffered. Does SSL send data through a different port that normal unprotected data transfers?Sorry if this sounds kind of beginner like :-s Cheers Tryst----------------------------------------------------------------------- ---- ----------------------------------------------------------------------- -----
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- SSL workings trystano (Dec 02)
- RE: SSL workings Joey Peloquin (Dec 03)
- RE: SSL workings dave kleiman (Dec 03)
- Re: SSL workings Creed Erickson (Dec 03)
- Re: SSL workings Markus Müssig (Dec 03)
- <Possible follow-ups>
- Re: SSL workings Trystano (Dec 03)
- RE: SSL workings dave kleiman (Dec 03)
- RE: SSL workings Joey Peloquin (Dec 03)
- SSL workings Boyer, G. T. IT2 ISSM Office (Dec 03)
- RE: SSL workings Boyer, G. T. IT2 ISSM Office (Dec 03)
- CSI/FBI Survey Meritt James (Dec 04)