HP NonStop SSL Reference Manual
SSL Reference
Secure Sockets Layer
The SSL (Secure Sockets Layer) protocol is an open, non-proprietary protocol originally designed by Netscape. It has
been standardized by the IETF as the Transport Layer Security (TLS) protocol. SSL has been universally accepted on the
Internet for authenticated and encrypted communication between clients and servers and is used in millions of browsers
around the world.
HP NonStop SSL implements SSL using OpenSSL (© acknowledged).
SSL Features
The SSL protocol has the following basic properties:
• Privacy
After an initial handshake, client and server agree on a session key which is used for a symmetric cipher
algorithm to encrypt the session's payload. Example ciphers are RC4, 3-DES or AES.
• Mutual Authenticity
Using public-key cryptography and digital signatures, the SSL protocol allows the server or client to be
authenticated before confidential data is exchanged.
• Session Integrity
SSL ensures the integrity of the messages exchanged: using a Message Authentication Code (MAC), client and
server can verify whether a message has been modified by an attacker. Example MAC algorithms are MD5 or SHA.
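The session integrity check described above, as an added example that is not part of the original manual or of HP NonStop SSL: it computes the record MAC in the form defined for TLS 1.0 (RFC 2246, section 6.2.3.1) with HMAC-SHA1 and shows verification failing for a modified or replayed record. The key and payload are constructed sample values; in a real session the MAC secret is derived during the handshake and the MAC is encrypted together with the payload.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # TLS record content type for payload data
TLS_1_0 = (3, 1)        # protocol version bytes as sent on the wire


def record_mac(mac_key, seq_num, content_type, version, fragment):
    """HMAC over sequence number, record header fields and payload."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha1).digest()


def verify_record(mac_key, seq_num, content_type, version, fragment, mac):
    """Recompute the MAC on the receiving side and compare in constant time."""
    expected = record_mac(mac_key, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, mac)


# Constructed sample values (assumptions, not taken from the manual).
MAC_KEY = bytes(range(20))
PAYLOAD = b"TRANSFER 100 TO ACCOUNT 42"


def demo():
    """Check one genuine record and three ways it can fail verification."""
    mac = record_mac(MAC_KEY, 0, APPLICATION_DATA, TLS_1_0, PAYLOAD)
    tampered = PAYLOAD.replace(b"100", b"900")
    args = (APPLICATION_DATA, TLS_1_0)
    return {
        # Unchanged record at the expected sequence number.
        "intact": verify_record(MAC_KEY, 0, *args, PAYLOAD, mac),
        # Payload altered in transit, original MAC kept.
        "modified": verify_record(MAC_KEY, 0, *args, tampered, mac),
        # Same record delivered again: receiver's counter is now 1.
        "replayed": verify_record(MAC_KEY, 1, *args, PAYLOAD, mac),
        # Party without the session's MAC secret.
        "wrong_key": verify_record(b"\x00" * 20, 0, *args, PAYLOAD, mac),
    }


if __name__ == "__main__":
    for case, valid in demo().items():
        print(f"{case:10s} MAC valid: {valid}")
```

Because the implicit sequence number is part of the MAC input, a replayed or reordered record fails the check even though its bytes are unchanged.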
Further References
For more information on SSL we recommend the following reading:
• Eric Rescorla, "SSL and TLS: Designing and Building Secure Systems", Addison-Wesley Professional 2000
• Stephen Thomas, "SSL and TLS essentials", Wiley Publishing 2000
• http://en.wikipedia.org/wiki/Transport_Layer_Security
For information on public key cryptography and digital signatures in relation to SSL please read:
• Russ Housley, "Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure", Wiley
Publishing 2001
• SSL Certificates and PKI in the NonStop World - and Other Worlds, The Connection May/June 2004.
• http://en.wikipedia.org/wiki/Pki