Table of Contents
Advertisement
The SSL Protocol
Figure K-1
The SSL protocol runs above TCP/IP and below higher-level protocols such as
HTTP or IMAP. It uses TCP/IP on behalf of the higher-level protocols, and in the
process allows an SSL-enabled server to authenticate itself to an SSL-enabled client,
allows the client to authenticate itself to the server, and allows both machines to
establish an encrypted connection.
These capabilities address fundamental concerns about communication over the
Internet and other TCP/IP networks:
•
SSL server authentication allows a user to confirm a server's identity.
SSL-enabled client software can use standard techniques of public-key
cryptography to check that a server's certificate and public ID are valid and
have been issued by a certificate authority (CA) listed in the client's list of
trusted CAs. This confirmation might be important if the user, for example, is
sending a credit card number over the network and wants to check the
receiving server's identity.
•
SSL client authentication allows a server to confirm a user's identity. Using the
same techniques as those used for server authentication, SSL-enabled server
software can check that a client's certificate and public ID are valid and have
been issued by a certificate authority (CA) listed in the server's list of trusted
CAs. This confirmation might be important if the server, for example, is a bank
sending confidential financial information to a customer and wants to check
the recipient's identity.
•
An encrypted SSL connection requires all information sent between a client
and a server to be encrypted by the sending software and decrypted by the
receiving software, thus providing a high degree of confidentiality.
Confidentiality is important for both parties to any private transaction. In
addition, all data sent over an encrypted SSL connection is protected with a
mechanism for detecting tampering—that is, for automatically determining
whether the data has been altered in transit.
796
Managing Servers with Netscape Console • December 2001
Where SSL Runs
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN