O'Reilly logo

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Understanding SSL Protocol

SSL setup and data exchange over the underlying TCP connection takes place in two different phases: handshake and data transfer. The handshake phase involves negotiation of the cipher-suite, authentication of end-points and agreement on cryptographic keys for subsequent encryption and decryption of application data. This essentially establishes a SSL Session between two end-points. The data transfer phase involves message digest computation, encryption and transmission of the encrypted data blocks at one end and reception, decryption and digest verification at the other end.

Recall that TCP is a byte stream-oriented protocol, meaning there is no grouping of a sequence of bytes in records at the application level. SSL ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required