SSL - Secure Sockets Layer
SSL (pronounced as separate letters) is short for Secure Sockets Layer.
SSL a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.
Most Web browsers support SSL, and many websites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.
Secure HTTP (S-HTTP)
Another protocol for transmitting data securely over the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols were approved by the Internet Engineering Task Force (IETF) as a standard.
SSL 3.0 Vulnerable
SSL version 3.0 is based on the 1996 draft. In 2014, the 3.0 version of SSL was considered vulnerable due to POODLE (Padding Oracle On Downgraded Legacy Encryption) attacks. These attacks allowed secure HTTP cookies or HTTP Authorization header contents to be stolen from downgraded communications. Today, SSL 3.0 is still widely deployed.
From SSL to TLS
Secure Sockets Layer (SSL) is the predecessor to Transport Layer Security (TLS). TLS is an Internet Engineering Task Force (IETF) standards track protocol that is based on the earlier SSL specifications.
- Watch Datamation's editor James Maguire moderate roundtable discussions with tech experts from companies such as Accenture, Dell, Blue Jeans Network, Microsoft and more »
Perceptual computing is the ability for a computer to recognize what is going on around it. More specifically, the computer can perceive the... Read More »Apple Pay Promises to Strengthen Payment Security
Experts believe that Apple Pay and other competitive payment systems will be far more secure than cards, even cards equipped with EMV chips. Read More »The Great Data Storage Debate: Is Tape Dead?
Tape clearly is on the decline. But remember, legacy systems can hang for a shockingly long time. Read More »
A network is a group of two or more computer systems or devices, linked together to share resources, exchange files and electronic communications.... Read More »Computer Architecture Study Guide
This Webopedia study guide describes the different parts of a computer system and their relations. Read More »Webopedia Polls
The trend for the past two years has been for shoppers to spend more online during the holiday season. How do you typically shop for holiday... Read More »