Secure Sockets Layer (SSL)

Robert J. Boncella, Washburn University

Secure Communication Channels


Secure Channels

History of Secure Channels—SSLv1 to v3, PCT, TLS, STLP, and WTLS

Internetworking Concepts

Clients and Servers

Communication Paths

The OSI Model and TCP/IP

Cryptographic Concepts Used in SSL and TLS


Key Sharing

Message Digest Algorithms

Digital Signatures

Certification Authorities

SSL Architecture


Connection Process Preview

Record Protocol

TLS—Transport Layer Security

SSL and TLS Protocols: Details

Cipher Suites and Master Secrets

Secure Internet Services Implemented Using SSL

Status of SSL

SSLv3 and TLS 1.0 and Commercial Use

Advantages, Disadvantages, Threats, and Alternatives to SSL/TLS


Cross References


Further Reading



This chapter provides an overview of how the SSL protocol and its variant the TLS protocol are used to establish and operate a secure communication channel. It is assumed that the readers of this chapter are nontechnical in their academic background. As a result some space will be spent in explaining the background concepts necessary for a full understanding of SSL and TLS. If the reader requires more technical detail (Boncella, 2000) is suggested.

This chapter has five major sections. First is a discussion of the need for and history of secure channels. Second is an overview of the internetworking concepts necessary to appreciate the details of SSL and TLS protocols. ...

Get Handbook of Information Security, Volume 1, Key Concepts, Infrastructure, Standards, and Protocols now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.