• Secure Socket Layer is a full form of ssl.
  • The enhanced version of TCP is known as Secure Socket Layer(ssl).
  • A modified version of SSL version 3 , called Transport Layer Security (TLS).
  • SSL is developed by Netscape.
  • SSL application created on demand for secure connection.
  • In 1995 , Netscape communication corporation introduce SSL.
  • After development SSL has been very popular.
  • SSL is supported by all popular Web browsers and Web Servers like Firefox , Safari , Internet Explorer and so on.
  • SSL is used by all popular sites including Amazon , eBay , Yahoo! , MSN and so on.
  • Tens of billions of dollars are spent over SSL every year.
  • In fect , if you have ever purchased anything over the Internet with your credit card , the communication between your browser and the server for this purchase almost certainly went over SSL.
  • You can identify that SSL is being used by your browser when the URL begins with https: rather than http.
  • Ssl builds a secure connection between two sockets , including
                    1) Parameter negotiation between client and server
                        2) Authentication of the server by the client.
                          3) Secret communication.
                            4) Data integrity protection.

        • EX : Bob is surfing the web and arrives at the Alice Incorporate site , which is selling perfume . The Alice Incorporate site displayes a form in which Bob is supposed to enter the type of perfume and quantity desired , his address , and his payment card number . Bob enters this information , clicks on submit button , and expects to receive the purchased perfumes.
        • If no confidentiality is used , an intruder could intercept Bob’s order and obtain his payment card information . The intruder could then purchases at Bob’s expense.
        • If no integrity is used , an intruder could modify Bob’s order , having him purchase ten times more bottles of perfume than desired.
        • To stop the intruder for doing this we use SSL.
        • Ssl is a new layer located between the application layer and the transport layer , accepting requests from browser and sending them to TCP for transmission to the server.
        • Once the secure connection has been established, SSL’s main job is handling compression and encryption.
        • The SSL protocol has gone through several protocol versions.
        • Version 3, which is the most widely used version.
        • SSL supports a variety of different options.
        • These options include the presence or absence of compression, the cryptographic algorithms to be used, and some matters relating to export restrictions on cryptography.
        • The last is mainly intended to make sure that serious cryptography is used only when both the ends of the connection are in the UNITED STATES.

        SSL has three phases:

                1) Handshake
                2) Key derivation
                3) Data transfer