Secure Sockets Layer (SSL)

Robert J. Boncella, Washburn University

Secure Communication Channels

Overview

Secure Channels

History of Secure Channels—SSLv1 to v3, PCT, TLS, STLP, and WTLS

Internetworking Concepts

Clients and Servers

Communication Paths

The OSI Model and TCP/IP

Cryptographic Concepts Used in SSL and TLS

Encryption

Key Sharing

Message Digest Algorithms

Digital Signatures

Certification Authorities

SSL Architecture

Overview

Connection Process Preview

Record Protocol

TLS—Transport Layer Security

SSL and TLS Protocols: Details

Cipher Suites and Master Secrets

Secure Internet Services Implemented Using SSL

Status of SSL

SSLv3 and TLS 1.0 and Commercial Use

Advantages, Disadvantages, Threats, and Alternatives to SSL/TLS

Glossary

Cross References

References

Further Reading

SECURE COMMUNICATION CHANNELS

Overview

This chapter provides an overview of how the SSL protocol and its variant the TLS protocol are used to establish and operate a secure communication channel. It is assumed that the readers of this chapter are nontechnical in their academic background. As a result some space will be spent in explaining the background concepts necessary for a full understanding of SSL and TLS. If the reader requires more technical detail (Boncella, 2000) is suggested.

This chapter has five major sections. First is a discussion of the need for and history of secure channels. Second is an overview of the internetworking concepts necessary to appreciate the details of SSL and TLS protocols. ...