4.3. Secure Sockets Layer (SSL) protocol

Secure Sockets Layer was created by Netscape to ensure a secure session on TCP/IP networks. SSL uses a combination of certificates, digital signatures, and cryptography (based on RSA). The client initiates an SSL Web connection by using a URL starting with https instead of http. With SSL, the data flows back and forth between the client and server using a secret key algorithm. This technology is evolving into Transport Layer Security (TLS).

SSL performs the following functions:

  • It authenticates the server to the client.

  • Optionally, it authenticates the client to the server.

  • It creates an encrypted connection between both machines.

The authentication of the server to the client, and vice versa, happens through ...

Get IBM e-business Technology, Solution, and Design Overview now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.