August 7, 2009
SSL (Secure Sockets Layer):
The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. Look for a lock icon at the top or bottom of your browser.If the lock is closed, you are on a secure SSL or TLS connection.
SSL uses a cryptographic system that uses two keys to encrypt data – a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers.
A sequence of operations that ensure protection of data. Used with a communications protocol, it provides secure delivery of data between two parties.
HTTPS and Port Number 443:
An SSL session is started by sending a request to the Web server with an HTTPS prefix in the URL.The Port number 443 is assigned to HTTPS.
After the two sides acknowledge each other, the browser sends the server a list of algorithms it supports, and the server responds with its choice and a signed digital certificate. From an internal list of certificate authorities (CAs) and their public keys, the browser uses the appropriate public key to validate the signed certificate.
Data for Secret Keys Is Passed:
The browser extracts the public key of the Web site from the server’s certificate and uses it to encrypt a pre-master key and send it to the server. At each end, the client and server independently use the pre-master key and random numbers passed earlier to generate the secret keys used to encrypt and decrypt the rest of the session.
A checksum is a form of redundancy check, a simple way to protect the integrity of data by detecting errors in data that are sent through space.