Cryptography - Secure Sockets Layers (SSL)

Introduction to SSL

SSL (Secure Sockets Layers) is a process that manages the security of transactions made on the Internet. The SSL standard was developed by Netscape, together with Mastercard, Bank of America, MCI and Silicon Graphics. It is based on a public-key encryption process to guarantee that data sent over the Internet remain secure. Its principle involves establishing a secure (encrypted) communication channel between two machines (a client and a server) after an authentication phase.

The SSL system is independent of the protocol used, which means it can secure transactions made on the Web via the HTTP protocol as well as connections via the FTP, POP and IMAP protocols. SSL acts as an additional layer, located between the application layer and the transport layer (the TCP protocol, for example), that makes it possible to secure the data.

As such, SSL is transparent for the user (this means the user may not know he is using SSL). For example, a user using an Internet browser to connect to an e-commerce website protected by SSL will send encrypted data without having to perform any special operation.
Almost all browsers now support the SSL protocol. Netscape Navigator, for example, displays a locked padlock to indicate a connection to an SSL secure website and an open padlock in the opposite case, whereas Microsoft Internet Explorer displays a padlock only for a connection to an SSL secure site.

[Figures: viewing an SSL secure connection in Internet Explorer; viewing an SSL secure connection in Mozilla]

An SSL secure web server has a URL that starts with https://, where the "s" of course means secure.

In mid-2001, the SSL patent that had until then belonged to Netscape was bought by the IETF (Internet Engineering Task Force) and was renamed TLS (Transport Layer Security).

How SSL 2.0 works

Transaction security with SSL 2.0 is based on an exchange of keys between a client and a server. An SSL secure transaction is made according to the following model:

  • Firstly, the client connects to the commercial site protected by SSL and asks it for authentication. The client also sends the list of cryptosystems it supports, sorted in descending order by key length.
  • The server receiving the request sends a certificate to the client, containing the server's public key signed by a certification authority (CA), as well as the name of the cryptosystem that is highest on the list it is compatible with (the length of the encryption key - 40 bits or 128 bits - will be that of the shared cryptosystem having the largest key size).

    [Figure: SSL transaction]

  • The client verifies the certificate's validity (and therefore the merchant's authenticity), then creates a random secret key (more precisely a supposedly random block), encrypts this key with the server's public key, and then sends the result (the session key) to the server.
  • The server is capable of decrypting the session key with its private key. As such, the two entities have a shared key that only they know. The remaining transactions can be made using the session key, guaranteeing the integrity and confidentiality of exchanged data.
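
The four steps above can be traced in code. This is an added example, not part of the original page: it uses unpadded toy RSA keys built from fixed Mersenne primes (illustration only, not secure), and the cipher names, the host name `shop.example` and all function names are constructed for the sketch.

```python
import hashlib, secrets

E = 65537  # public exponent shared by both toy keys

def rsa_keypair(p, q):
    """Toy RSA: return (modulus, private exponent) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

CA_N, CA_D = rsa_keypair(2**107 - 1, 2**127 - 1)   # hypothetical CA key
SRV_N, SRV_D = rsa_keypair(2**61 - 1, 2**89 - 1)   # hypothetical server key

def digest(name, n):
    h = hashlib.sha256(f"{name}|{n}".encode()).digest()
    return int.from_bytes(h, "big") % CA_N

def issue_certificate(name, n):
    """The CA signs the server's name together with its public key."""
    return {"name": name, "n": n, "sig": pow(digest(name, n), CA_D, CA_N)}

def verify_certificate(cert, expected_name):
    return (cert["name"] == expected_name
            and pow(cert["sig"], E, CA_N) == digest(cert["name"], cert["n"]))

def server_hello(client_ciphers, server_ciphers, cert):
    """Step 2: choose the first (longest-key) client entry the server supports."""
    for cipher in client_ciphers:
        if cipher in server_ciphers:
            return cert, cipher
    raise ValueError("no shared cryptosystem")

def client_key_exchange(cert, expected_name, bits):
    """Step 3: verify the certificate, then encrypt a random secret for the server."""
    if not verify_certificate(cert, expected_name):
        raise ValueError("certificate rejected")
    secret = secrets.token_bytes(bits // 8)
    return secret, pow(int.from_bytes(secret, "big"), E, cert["n"])

def server_unwrap(wrapped, bits):
    """Step 4: the server recovers the session key with its private key."""
    return pow(wrapped, SRV_D, SRV_N).to_bytes(bits // 8, "big")

# Step 1: constructed client list, sorted in descending order by key length.
CLIENT_CIPHERS = [("RC4-128", 128), ("RC4-40", 40)]

def handshake(client_ciphers, server_ciphers, cert, expected_name="shop.example"):
    cert, (name, bits) = server_hello(client_ciphers, server_ciphers, cert)
    secret, wrapped = client_key_exchange(cert, expected_name, bits)
    return name, bits, secret == server_unwrap(wrapped, bits)
```

A certificate whose public key was altered after signing fails `verify_certificate`, so the client never encrypts a session key for it.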

SSL 3.0

SSL 3.0 aims to authenticate the server vis-à-vis the client and possibly the client vis-à-vis the server.

Last update on Thursday October 16, 2008 02:43:18 PM. This document entitled « Cryptography - Secure Sockets Layers (SSL) » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy and modify copies of this page, under the conditions stipulated by the licence, provided this note appears clearly.