Netscape MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR Administrator's Manual page 831

The SSL protocol includes two sub-protocols: the SSL record protocol and the SSL
handshake protocol. The SSL record protocol defines the format used to transmit
data. The SSL handshake protocol involves using the SSL record protocol to
exchange a series of messages between an SSL-enabled server and an SSL-enabled
client when they first establish an SSL connection. This exchange of messages is
designed to facilitate the following actions:
- Authenticate the server to the client.
- Allow the client and server to select the cryptographic algorithms, or ciphers,
  that they both support.
- Optionally authenticate the client to the server.
- Use public-key encryption techniques to generate shared secrets.
- Establish an encrypted SSL connection.

For more information about the handshake process, see "The SSL Handshake,"
which begins on page 836.

Ciphers Used with SSL

The SSL protocol supports a variety of cryptographic algorithms, or ciphers, for
operations such as authenticating the server and client to each other,
transmitting certificates, and establishing session keys. Clients and servers
may support different cipher suites, or sets of ciphers, depending on factors
such as the version of SSL they support, company policies regarding acceptable
encryption strength, and government restrictions on export of SSL-enabled
software. Among its other functions, the SSL handshake protocol determines how
the server and client negotiate which cipher suites they will use to
authenticate each other, to transmit certificates, and to establish session keys.

Key-exchange algorithms such as KEA and RSA key exchange govern the way in
which the server and client determine the symmetric keys they will both use
during an SSL session. The most commonly used SSL cipher suites use RSA key
exchange.

The SSL 2.0 and SSL 3.0 protocols support overlapping sets of cipher suites.
Administrators can enable or disable any of the supported cipher suites for both
clients and servers. When a particular client and server exchange information
during the SSL handshake, they identify the strongest enabled cipher suites they
have in common and use those for the SSL session.
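
The selection rule described above, as an added example that is not part of the manual or of any Netscape code: a small model showing that a session is only as strong as the weakest suite an administrator leaves enabled. The suite names are SSL 3.0 RSA key-exchange suites; the bit ratings, the peers and the function names are assumptions made for illustration.

```python
# Constructed model of cipher-suite selection; not CMS or NSS code.
# The bit counts are nominal symmetric key sizes, used here as an
# assumed strength ranking for "strongest enabled suite in common".
STRENGTH_BITS = {
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA": 168,
    "SSL_RSA_WITH_RC4_128_MD5": 128,
    "SSL_RSA_WITH_DES_CBC_SHA": 56,
    "SSL_RSA_EXPORT_WITH_RC4_40_MD5": 40,
}


class NoCommonCipher(Exception):
    """Raised when the two peers have no enabled suite in common."""


def negotiate(client_enabled, server_enabled):
    """Return the strongest suite that is enabled on both sides."""
    common = set(client_enabled) & set(server_enabled)
    unknown = common - STRENGTH_BITS.keys()
    if unknown:
        raise ValueError(f"no strength rating for: {sorted(unknown)}")
    if not common:
        raise NoCommonCipher("handshake fails: no shared cipher suite")
    # Tie-break on the name so the result is deterministic.
    return max(common, key=lambda s: (STRENGTH_BITS[s], s))


def harden(enabled, min_bits=128):
    """Disable every suite rated below min_bits (hypothetical policy)."""
    return [s for s in enabled if STRENGTH_BITS[s] >= min_bits]


# Constructed sample peers.
SERVER_DEFAULT = list(STRENGTH_BITS)  # every suite left enabled
STRONG_CLIENT = ["SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_3DES_EDE_CBC_SHA"]
EXPORT_CLIENT = ["SSL_RSA_EXPORT_WITH_RC4_40_MD5"]

if __name__ == "__main__":
    print(negotiate(STRONG_CLIENT, SERVER_DEFAULT))
    # With everything enabled, an export-only client gets a 40-bit session.
    print(negotiate(EXPORT_CLIENT, SERVER_DEFAULT))
    # After hardening, the same client is refused instead of downgraded.
    try:
        negotiate(EXPORT_CLIENT, harden(SERVER_DEFAULT))
    except NoCommonCipher as exc:
        print(exc)
```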
Appendix K
Introduction to SSL
