WHAT’S IN THIS CHAPTER?
TLS (Transport Layer Security) and SSL (Secure Socket Layer) allow client/server applications to communicate across a network in a way designed to prevent eavesdropping (others looking into your messages) and tampering (others changing your message). TLS/SSL encrypts the segments of network connections above the transport layer, enabling both privacy and message authentication.
TLS is based on earlier SSL specifications developed by Netscape. In fact, TLS 1.0 is also known as SSL 3.1, and the latest version (TLS 1.2) is also known as SSL 3.3. This chapter uses TLS instead of the deprecated SSL nomenclature.
Public key cryptography refers to a cryptographic system that requires two separate keys. One key is used to encrypt the plaintext, and the other key is used to decrypt the encrypted message. One of these keys is public, and the other is private. If the plaintext is encrypted using the public key, only the private key can unlock it, enabling private communication from the public to the private key owner. If the plaintext is encrypted using the private key, the public key can decrypt it. In this case the system verifies the signatures of the documents signed by the owner of the private ...