what is ssl certificate?
It is an ‘Official verification’ given to a website, by a recognized authority, that is used to establish (between your browser & that website) an encrypted form of data transfer.
It basically says this site is who they say they are, and have undergone several verification steps to prove it.
SSL is the earlier form of security over TCP/IP and has been replaced by TLS.
Protocol for establishing a secure connection starts with the ‘hello’ or ‘handshake’ procedures:
1) client (your computer) seeks a secure connection over socket 443)
2) client sends a ‘greetings’ packet with several items: incl. What protocol it has available (SSL 2, SSL3, TLS, etc.); time, session number, list of it’s encryption capabilities, and so on
3) the sought server looks at it’s own protocol levels & selects/matches the best possible protocol for the connection
4) the server returns a message saying ‘OK, here’s the method (or protocol) we’ll use, and here’s my certificate (optional), and we’ll call it so-and-so session…etc.; and a ‘finished hello’ message
5) Client sends to server an “agreed” message, and ‘finished hello’ message.
(this all happens before any application data is sent; it’s just groundwork to establish authenticity of endpoints, and method of encryption)
Overview of the evolution of various security protocols is here (this is a moderately ‘dense’ (facts per minute) material).
Http://twit.tv/sn # 195
Powered by Yahoo! Answers