SSL
Syntax/Semantic Language (S/SL).
SSL (networking, World-Wide Web)
SSL (1) (Solid State Lighting) See LED lighting.
(2) (Secure Sockets Layer) The leading security protocol on the Internet prior to TLS. Developed by Netscape, SSL has been widely used to validate the identity of a website, to create an encrypted connection for credit card and personal data and to ensure the transmission is without error.
HTTPS and Port Number 443
An SSL session starts by sending a request to the Web server with an HTTPS prefix in the URL, which inserts SSL port number 443 into the packets. See well-known port.
After both sides acknowledge each other, the browser sends the server a list of supported algorithms, and the server responds with its choice and a signed digital certificate. From an internal list of certificate authorities (CAs), the browser uses the appropriate public key to validate the certificate. Both sides also send each other random numbers. See digital certificate.
Data for Secret Keys Is Passed
The browser extracts the public key of the website from the server's certificate and uses it to encrypt a pre-master key and send it to the server. At each end, the client and server independently use the pre-master key and random numbers passed earlier to generate the secret keys used to encrypt and decrypt the rest of the session. See TLS, server-gated cryptography, OpenSSL, security protocol and public key cryptography.
SSL and TLS
SSL was superseded by TLS (Transport Layer Security). TLS 1.0 came out in 1999 and is very similar to the last SSL version (SSL 3.0, 1996) but not identical. They are not interoperable; however, most websites and browsers support both, and the acronyms SSL/TLS and TLS/SSL are widely used. See TLS.
The Lock Icon
The lock icon on the browser indicates a secure SSL or TLS connection (see TLS).
The SSL Handshake
These steps take place to negotiate an SSL session before any user data are transmitted. Steps 5 and 6 verify the integrity of the handshake, ensuring that nobody tampered with any messages. These checksums are called "message authentication codes" (see MAC).