Friday, 29 March 2024. Straipsniai.lt - Information portal
  
What is SSL?

The SSL (Secure Sockets Layer) Handshake Protocol [Hic95] was developed by Netscape Communications Corporation to provide security and privacy over the Internet. The protocol supports server and client authentication. The SSL protocol is application independent, allowing protocols like HTTP (HyperText Transfer Protocol), FTP (File Transfer Protocol), and Telnet to be layered on top of it transparently. Still, SSL is optimized for HTTP; for FTP, IPSec (see Question 5.1.4) might be preferable. The SSL protocol is able to negotiate encryption keys as well as authenticate the server before data is exchanged by the higher-level application. The SSL protocol maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication codes.

The SSL Handshake Protocol consists of two phases: server authentication and an optional client authentication. In the first phase, the server, in response to a client's request, sends its certificate and its cipher preferences. The client then generates a master key, which it encrypts with the server's public key, and transmits the encrypted master key to the server. The server recovers the master key and authenticates itself to the client by returning a message authenticated with the master key. Subsequent data is encrypted and authenticated with keys derived from this master key. In the optional second phase, the server sends a challenge to the client. The client authenticates itself to the server by returning the client's digital signature on the challenge, as well as its public-key certificate.
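The server-authentication phase described above, traced end to end as an added example that is not part of the original page. It assumes a toy, unpadded RSA key built from two Mersenne primes in place of the server's certificate key, and SHA-256 with HMAC in place of SSL's own key derivation and MAC; all function names and handshake messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed toy RSA key for the server: two known Mersenne primes, far too
# small and unpadded for real use; it only stands in for the certificate key.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # server's private exponent


def derive_keys(master: bytes) -> tuple[bytes, bytes]:
    """Derive separate encryption and MAC keys from the master key."""
    return (hashlib.sha256(b"enc" + master).digest(),
            hashlib.sha256(b"mac" + master).digest())


def client_key_exchange(server_n: int, server_e: int) -> tuple[bytes, int]:
    """Client: pick a master key and encrypt it under the server public key."""
    master = secrets.token_bytes(16)
    return master, pow(int.from_bytes(master, "big"), server_e, server_n)


def server_verify(encrypted_master: int, transcript: bytes) -> tuple[bytes, bytes]:
    """Server: recover the master key and MAC the handshake transcript."""
    master = pow(encrypted_master, D, N).to_bytes(16, "big")
    _, mac_key = derive_keys(master)
    return master, hmac.new(mac_key, transcript, hashlib.sha256).digest()


def client_check(master: bytes, transcript: bytes, server_mac: bytes) -> bool:
    """Client: accept the server only if its MAC proves it knows the master key."""
    _, mac_key = derive_keys(master)
    expected = hmac.new(mac_key, transcript, hashlib.sha256).digest()
    return hmac.compare_digest(expected, server_mac)


def run_handshake() -> bool:
    """Run the whole first phase once and report whether the client accepts."""
    transcript = b"client-hello|server-cert|cipher-prefs"  # constructed messages
    master, enc = client_key_exchange(N, E)
    server_master, server_mac = server_verify(enc, transcript)
    return server_master == master and client_check(master, transcript, server_mac)
```

Only the holder of the private exponent can recover the master key, so a valid MAC over the transcript is what authenticates the server; a modified transcript or a different master key makes `client_check` return `False`.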

A variety of cryptographic algorithms are supported by SSL. During the "handshaking" process, the RSA public-key cryptosystem (see Section 3.1) is used. After the exchange of keys, a number of ciphers are used. These include RC2 (see Question 3.6.2), RC4 (see Question 3.6.3), IDEA (see Question 3.6.7), DES (see Section 3.2), and triple-DES (see Question 3.2.6). The MD5 message-digest algorithm (see Question 3.6.6) is also used. The public-key certificates follow the X.509 syntax (see Question 5.3.3).

For more information on SSL 3.0, see http://home.netscape.com/eng/ssl3/index.html.

TLS (Transport Layer Security) is a protocol that is based on and very similar to SSL 3.0; for more information about TLS 1.0, see ftp://ftp.isi.edu/in-notes/rfc2246.txt.

We should also mention WTLS (Wireless TLS), which specifies the security layer protocol in WAP (Wireless Application Protocol); WAP is the de facto standard for the delivery and presentation of information to wireless devices such as mobile phones and pagers. WTLS is very similar to TLS but optimized for low-bandwidth bearer networks. For more information on WAP and WTLS, see http://www.wapforum.org/what/technical.htm.

            
