3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
fd9abdda70912b99b24e3bf1a38f26fde908a74cnd<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head>
fd9abdda70912b99b24e3bf1a38f26fde908a74cnd<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" />
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd This file is generated from xml source: DO NOT EDIT
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
96ad5d81ee4a2cc66a4ae19893efc8aa6d06fae7jailletc<title>SSL/TLS Strong Encryption: An Introduction - Apache HTTP Server Version 2.5</title>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
5a58787efeb02a1c3f06569d019ad81fd2efa06end<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" />
2e545ce2450a9953665f701bb05350f0d3f26275nd<script src="/style/scripts/prettify.min.js" type="text/javascript">
5a58787efeb02a1c3f06569d019ad81fd2efa06end<link href="/images/favicon.ico" rel="shortcut icon" /></head>
af33a4994ae2ff15bc67d19ff1a7feb906745bf8rbowen<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<div class="up"><a href="./"><img title="<-" alt="<-" src="/images/left.gif" /></a></div>
3f08db06526d6901aa08c110b5bc7dde6bc39905nd<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.5</a> > <a href="./">SSL/TLS</a></div><div id="page-content"><div id="preamble"><h1>SSL/TLS Strong Encryption: An Introduction</h1>
cb0951ea9250cd378a00ec2b55a47b1904100023yoshiki<p><span>Available Languages: </span><a href="/en/ssl/ssl_intro.html" title="English"> en </a> |
25dc1b1dfaeed1c7f8c5f51ba2970dd201b63893nd<a href="/fr/ssl/ssl_intro.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> |
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung<a href="/ja/ssl/ssl_intro.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>As an introduction this chapter is aimed at readers who are familiar
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndwith the Web, HTTP, and Apache, but are not security experts. It is not
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndintended to be a definitive guide to the SSL protocol, nor does it discuss
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndspecific techniques for managing certificates in an organization, or the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndimportant legal issues of patents and import and export restrictions.
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsfRather, it is intended to provide a common background to <code class="module"><a href="/mod/mod_ssl.html">mod_ssl</a></code> users by pulling together various concepts, definitions,
5b111d121ddb14d690dde7c180402d0b9a030b7andand examples as a starting point for further exploration.</p>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<div id="quickview"><ul id="toc"><li><img alt="" src="/images/down.gif" /> <a href="#cryptographictech">Cryptographic Techniques</a></li>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<li><img alt="" src="/images/down.gif" /> <a href="#certificates">Certificates</a></li>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<li><img alt="" src="/images/down.gif" /> <a href="#ssl">Secure Sockets Layer (SSL)</a></li>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<li><img alt="" src="/images/down.gif" /> <a href="#references">References</a></li>
30471a4650391f57975f60bbb6e4a90be7b284bfhumbedooh</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<h2><a name="cryptographictech" id="cryptographictech">Cryptographic Techniques</a></h2>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>Understanding SSL requires an understanding of cryptographic
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndalgorithms, message digest functions (aka. one-way or hash functions), and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nddigital signatures. These techniques are the subject of entire books (see
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndfor instance [<a href="#AC96">AC96</a>]) and provide the basis for privacy,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndintegrity, and authentication.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="cryptographicalgo" id="cryptographicalgo">Cryptographic Algorithms</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>Suppose Alice wants to send a message to her bank to transfer some
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd money. Alice would like the message to be private, since it will
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd include information such as her account number and transfer amount. One
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd solution is to use a cryptographic algorithm, a technique that would
5b111d121ddb14d690dde7c180402d0b9a030b7and transform her message into an encrypted form, unreadable until it is
5b111d121ddb14d690dde7c180402d0b9a030b7and decrypted. Once in this form, the message can only be
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf decrypted by using a secret key. Without the key the message is useless:
5b111d121ddb14d690dde7c180402d0b9a030b7and good cryptographic algorithms make it so difficult
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd for intruders to decode the original text that it isn't worth their
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd effort.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>There are two categories of cryptographic algorithms: conventional
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd and public key.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <dd>also known as symmetric cryptography, requires the sender and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd receiver to share a key: a secret piece of information that may be
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf used to encrypt or decrypt a message. As long as this key is kept
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf secret, nobody other than the sender or recipient can read the message.
5b111d121ddb14d690dde7c180402d0b9a030b7and If Alice and the bank know a secret key, then they can send each other
5b111d121ddb14d690dde7c180402d0b9a030b7and private messages. The task of sharing a key between sender and recipient
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf before communicating, while also keeping it secret from others, can be
5b111d121ddb14d690dde7c180402d0b9a030b7and problematic.</dd>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <dd>also known as asymmetric cryptography, solves the key exchange
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd problem by defining an algorithm which uses two keys, each of which
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd may be used to encrypt a message. If one key is used to encrypt a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd message then the other must be used to decrypt it. This makes it
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd possible to receive secure messages by simply publishing one key
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd (the public key) and keeping the other secret (the private key).</dd>
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>Anyone can encrypt a message using the public key, but only the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd owner of the private key will be able to read it. In this way, Alice
5b111d121ddb14d690dde7c180402d0b9a030b7and can send private messages to the owner of a key-pair (the bank), by
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodl encrypting them using their public key. Only the bank will be able to
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodl decrypt them.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="messagedigests" id="messagedigests">Message Digests</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>Although Alice may encrypt her message to make it private, there
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd is still a concern that someone might modify her original message or
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd substitute it with a different one, in order to transfer the money
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd to themselves, for instance. One way of guaranteeing the integrity
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf of Alice's message is for her to create a concise summary of her
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf message and send this to the bank as well. Upon receipt of the message,
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf the bank creates its own summary and compares it with the one Alice
5b111d121ddb14d690dde7c180402d0b9a030b7and sent. If the summaries are the same then the message has been received
5b111d121ddb14d690dde7c180402d0b9a030b7and intact.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A summary such as this is called a <dfn>message digest</dfn>, <em>one-way
5b111d121ddb14d690dde7c180402d0b9a030b7and function</em> or <em>hash function</em>. Message digests are used to create
5b111d121ddb14d690dde7c180402d0b9a030b7and a short, fixed-length representation of a longer, variable-length message.
b162faef0d188f69cb2e8cee610da66ed12586b0noodl Digest algorithms are designed to produce a unique digest for each
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf message. Message digests are designed to make it impractically difficult
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf to determine the message from the digest and (in theory) impossible to
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf find two different messages which create the same digest -- thus
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf eliminating the possibility of substituting one message for another while
5b111d121ddb14d690dde7c180402d0b9a030b7and maintaining the same digest.</p>
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>Another challenge that Alice faces is finding a way to send the digest
5b111d121ddb14d690dde7c180402d0b9a030b7and to the bank securely; if the digest is not sent securely, its integrity may
b162faef0d188f69cb2e8cee610da66ed12586b0noodl be compromised and with it the possibility for the bank to determine the
5b111d121ddb14d690dde7c180402d0b9a030b7and integrity of the original message. Only if the digest is sent securely can
5b111d121ddb14d690dde7c180402d0b9a030b7and the integrity of the associated message be determined.</p>
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf <p>One way to send the digest securely is to include it in a digital
5b111d121ddb14d690dde7c180402d0b9a030b7and signature.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="digitalsignatures" id="digitalsignatures">Digital Signatures</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>When Alice sends a message to the bank, the bank needs to ensure that the
5b111d121ddb14d690dde7c180402d0b9a030b7andmessage is really from her, so an intruder cannot request a transaction
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndinvolving her account. A <em>digital signature</em>, created by Alice and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndincluded with the message, serves this purpose.</p>
b162faef0d188f69cb2e8cee610da66ed12586b0noodl<p>Digital signatures are created by encrypting a digest of the message and
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlother information (such as a sequence number) with the sender's private key.
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlThough anyone can <em>decrypt</em> the signature using the public key, only the
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlsender knows the private key. This means that only the sender can have signed
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlthe message. Including the digest in the signature means the signature is only
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlgood for that message; it also ensures the integrity of the message since no one
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodlcan change the digest and still sign it.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>To guard against interception and reuse of the signature by an intruder at a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndlater date, the signature contains a unique sequence number. This protects
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndthe bank from a fraudulent claim from Alice that she did not send the message
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd-- only she could have signed it (non-repudiation).</p>
5a58787efeb02a1c3f06569d019ad81fd2efa06end</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<h2><a name="certificates" id="certificates">Certificates</a></h2>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>Although Alice could have sent a private message to the bank, signed
b162faef0d188f69cb2e8cee610da66ed12586b0noodlit and ensured the integrity of the message, she still needs to be sure
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndthat she is really communicating with the bank. This means that she needs
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsfto be sure that the public key she is using is part of the bank's key-pair,
5b111d121ddb14d690dde7c180402d0b9a030b7andand not an intruder's. Similarly, the bank needs to verify that the message
5b111d121ddb14d690dde7c180402d0b9a030b7andsignature really was signed by the private key that belongs to Alice.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>If each party has a certificate which validates the other's identity,
b162faef0d188f69cb2e8cee610da66ed12586b0noodlconfirms the public key and is signed by a trusted agency, then both
5b111d121ddb14d690dde7c180402d0b9a030b7andcan be assured that they are communicating with whom they think they are.
b162faef0d188f69cb2e8cee610da66ed12586b0noodlSuch a trusted agency is called a <em>Certificate Authority</em> and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndcertificates are used for authentication.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="certificatecontents" id="certificatecontents">Certificate Contents</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A certificate associates a public key with the real identity of
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd an individual, server, or other entity, known as the subject. As
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd shown in <a href="#table1">Table 1</a>, information about the subject
b162faef0d188f69cb2e8cee610da66ed12586b0noodl includes identifying information (the distinguished name) and the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd public key. It also includes the identification and signature of the
b162faef0d188f69cb2e8cee610da66ed12586b0noodl Certificate Authority that issued the certificate and the period of
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd time during which the certificate is valid. It may have additional
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd information (or extensions) as well as administrative information
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd for the Certificate Authority's use, such as a serial number.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <h4><a name="table1" id="table1">Table 1: Certificate Information</a></h4>
e884f58207082fa2136d5fc86635c31252338948erikabele <td>Basic Constraints, Netscape Flags, etc.</td></tr>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A distinguished name is used to provide an identity in a specific
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd context -- for instance, an individual might have a personal
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd certificate as well as one for their identity as an employee.
b162faef0d188f69cb2e8cee610da66ed12586b0noodl Distinguished names are defined by the X.509 standard [<a href="#X509">X509</a>], which defines the fields, field names and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd abbreviations used to refer to the fields (see <a href="#table2">Table
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <h4><a name="table2" id="table2">Table 2: Distinguished Name Information</a></h4>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <td>Name is associated with this <br />organization unit, such
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd as a department</td>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A Certificate Authority may define a policy specifying which
b162faef0d188f69cb2e8cee610da66ed12586b0noodl distinguished field names are optional and which are required. It
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd may also place requirements upon the field contents, as may users of
5b111d121ddb14d690dde7c180402d0b9a030b7and certificates. For example, a Netscape browser requires that the
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf Common Name for a certificate representing a server matches a wildcard
5b111d121ddb14d690dde7c180402d0b9a030b7and pattern for the domain name of that server, such
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The binary format of a certificate is defined using the ASN.1
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic notation [<a href="#ASN1">ASN1</a>] [<a href="#PKCS">PKCS</a>]. This
b162faef0d188f69cb2e8cee610da66ed12586b0noodl notation defines how to specify the contents and encoding rules
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd define how this information is translated into binary form. The binary
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd encoding of the certificate is defined using Distinguished Encoding
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Rules (DER), which are based on the more general Basic Encoding Rules
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd (BER). For those transmissions which cannot handle binary, the binary
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd form may be translated into an ASCII form by using Base64 encoding
5b111d121ddb14d690dde7c180402d0b9a030b7and [<a href="#MIME">MIME</a>]. When placed between begin and end delimiter
5b111d121ddb14d690dde7c180402d0b9a030b7and lines (as below), this encoded version is called a PEM ("Privacy Enhanced
5b111d121ddb14d690dde7c180402d0b9a030b7and Mail") encoded certificate.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <div class="example"><h3>Example of a PEM-encoded certificate (snakeoil.crt)</h3><pre>-----BEGIN CERTIFICATE-----
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndMIIC7jCCAlegAwIBAgIBATANBgkqhkiG9w0BAQQFADCBqTELMAkGA1UEBhMCWFkx
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndFTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25ha2UgVG93bjEXMBUG
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndA1UEChMOU25ha2UgT2lsLCBMdGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhv
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndcml0eTEVMBMGA1UEAxMMU25ha2UgT2lsIENBMR4wHAYJKoZIhvcNAQkBFg9jYUBz
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndbmFrZW9pbC5kb20wHhcNOTgxMDIxMDg1ODM2WhcNOTkxMDIxMDg1ODM2WjCBpzEL
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndMAkGA1UEBhMCWFkxFTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25h
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nda2UgVG93bjEXMBUGA1UEChMOU25ha2UgT2lsLCBMdGQxFzAVBgNVBAsTDldlYnNl
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndcnZlciBUZWFtMRkwFwYDVQQDExB3d3cuc25ha2VvaWwuZG9tMR8wHQYJKoZIhvcN
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndAQkBFhB3d3dAc25ha2VvaWwuZG9tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndgQDH9Ge/s2zcH+da+rPTx/DPRp3xGjHZ4GG6pCmvADIEtBtKBFAcZ64n+Dy7Np8b
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndvKR+yy5DGQiijsH1D/j8HlGE+q4TZ8OFk7BNBFazHxFbYI4OKMiCxdKzdif1yfaa
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndlWoANFlAzlSdbxeGVHoT0K+gT5w3UxwZKv2DLbCTzLZyPwIDAQABoyYwJDAPBgNV
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndHRMECDAGAQH/AgEAMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQQFAAOB
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndgQAZUIHAL4D09oE6Lv2k56Gp38OBDuILvwLg1v1KL8mQR+KFjghCrtpqaztZqcDt
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd2q2QoyulCgSzHbEGmi0EsdkPfg6mp0penssIFePYNI+/8u9HT4LuKMJX15hxBam7
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="certificateauthorities" id="certificateauthorities">Certificate Authorities</a></h3>
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>By verifying the information in a certificate request
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd before granting the certificate, the Certificate Authority assures
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf itself of the identity of the private key owner of a key-pair.
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf For instance, if Alice requests a personal certificate, the
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf Certificate Authority must first make sure that Alice really is the
3e3a55f16ef1cbe693e8fe43ed439bdf45945767noodl person the certificate request claims she is.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <h4><a name="certificatechains" id="certificatechains">Certificate Chains</a></h4>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A Certificate Authority may also issue a certificate for
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd another Certificate Authority. When examining a certificate,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Alice may need to examine the certificate of the issuer, for each
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd parent Certificate Authority, until reaching one which she has
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd confidence in. She may decide to trust only certificates with a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd limited chain of issuers, to reduce her risk of a "bad" certificate
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd in the chain.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <h4><a name="rootlevelca" id="rootlevelca">Creating a Root-Level CA</a></h4>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>As noted earlier, each certificate requires an issuer to assert
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd the validity of the identity of the certificate subject, up to
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd the top-level Certificate Authority (CA). This presents a problem:
5b111d121ddb14d690dde7c180402d0b9a030b7and who can vouch for the certificate of the top-level
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd authority, which has no issuer? In this unique case, the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd certificate is "self-signed", so the issuer of the certificate is
5b111d121ddb14d690dde7c180402d0b9a030b7and the same as the subject. Browsers are preconfigured to trust well-known
5b111d121ddb14d690dde7c180402d0b9a030b7and certificate authorities, but it is important to exercise extra care in
5b111d121ddb14d690dde7c180402d0b9a030b7and trusting a self-signed certificate. The wide publication of a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd public key by the root authority reduces the risk in trusting this
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd key -- it would be obvious if someone else publicized a key
5b111d121ddb14d690dde7c180402d0b9a030b7and claiming to be the authority.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>A number of companies, such as <a href="http://www.thawte.com/">Thawte</a> and <a href="http://www.verisign.com/">VeriSign</a>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd have established themselves as Certificate Authorities. These
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd companies provide the following services:</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>It is also possible to create your own Certificate Authority.
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Although risky in the Internet environment, it may be useful
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd within an Intranet where the organization can easily verify the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd identities of individuals and servers.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <h4><a name="certificatemanagement" id="certificatemanagement">Certificate Management</a></h4>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>Establishing a Certificate Authority is a responsibility which
b162faef0d188f69cb2e8cee610da66ed12586b0noodl requires a solid administrative, technical and management
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd framework. Certificate Authorities not only issue certificates,
5b111d121ddb14d690dde7c180402d0b9a030b7and they also manage them -- that is, they determine for how long
b162faef0d188f69cb2e8cee610da66ed12586b0noodl certificates remain valid, they renew them and keep lists of
5b111d121ddb14d690dde7c180402d0b9a030b7and certificates that were issued in the past but are no longer valid
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf (Certificate Revocation Lists, or CRLs).</p>
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf <p>For example, if Alice is entitled to a certificate as an
b162faef0d188f69cb2e8cee610da66ed12586b0noodl employee of a company but has now left
5b111d121ddb14d690dde7c180402d0b9a030b7and that company, her certificate may need to be revoked.
5b111d121ddb14d690dde7c180402d0b9a030b7and Because certificates are only issued after the subject's identity has
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf been verified and can then be passed around to all those with whom
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf the subject may communicate, it is impossible to tell from the
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf certificate alone that it has been revoked.
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf Therefore when examining certificates for validity
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf it is necessary to contact the issuing Certificate Authority to
5b111d121ddb14d690dde7c180402d0b9a030b7and check CRLs -- this is usually not an automated part of the process.</p>
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>If you use a Certificate Authority that browsers are not configured
5b111d121ddb14d690dde7c180402d0b9a030b7and to trust by default, it is necessary to load the Certificate
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Authority certificate into the browser, enabling the browser to
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd validate server certificates signed by that Certificate Authority.
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Doing so may be dangerous, since once loaded, the browser will
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd accept all certificates signed by that Certificate Authority.</p>
5a58787efeb02a1c3f06569d019ad81fd2efa06end</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<h2><a name="ssl" id="ssl">Secure Sockets Layer (SSL)</a></h2>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>The Secure Sockets Layer protocol is a protocol layer which may be
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndplaced between a reliable connection-oriented network layer protocol
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd(e.g. TCP/IP) and the application protocol layer (e.g. HTTP). SSL provides
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndfor secure communication between client and server by allowing mutual
b162faef0d188f69cb2e8cee610da66ed12586b0noodlauthentication, the use of digital signatures for integrity and encryption
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndfor privacy.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<p>The protocol is designed to support a range of choices for specific
b162faef0d188f69cb2e8cee610da66ed12586b0noodlalgorithms used for cryptography, digests and signatures. This allows
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndalgorithm selection for specific servers to be made based on legal, export
b162faef0d188f69cb2e8cee610da66ed12586b0noodlor other concerns and also enables the protocol to take advantage of new
b162faef0d188f69cb2e8cee610da66ed12586b0noodlalgorithms. Choices are negotiated between client and server when
b162faef0d188f69cb2e8cee610da66ed12586b0noodlestablishing a protocol session.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="table4" id="table4">Table 4: Versions of the SSL protocol</a></h3>
b162faef0d188f69cb2e8cee610da66ed12586b0noodl <td>First SSL protocol for which implementations exist</td>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <td>Expired Internet Draft (from Netscape Corp.) [<a href="#SSL3">SSL3</a>]</td>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <td>Revisions to prevent specific security attacks, add non-RSA
b162faef0d188f69cb2e8cee610da66ed12586b0noodl ciphers and support for certificate chains</td>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <td>Proposed Internet Standard (from IETF) [<a href="#TLS1">TLS1</a>]</td>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <td>Revision of SSL 3.0 to update the MAC layer to HMAC, add block
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd padding for block ciphers, message order standardization and more
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd alert messages.</td>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic <td>Proposed Internet Standard (from IETF) [<a href="#TLS11">TLS11</a>]</td>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic <td>Update of TLS 1.0 to add protection against Cipher block chaining
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic (CBC) attacks.</td>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic <td>Proposed Internet Standard (from IETF) [<a href="#TLS12">TLS12</a>]</td>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic <td>Update of TLS 1.2 deprecating MD5 as hash, and adding incompatibility
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic to SSL so it will never negotiate the use of SSLv2.</td>
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf<p>There are a number of versions of the SSL protocol, as shown in
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<a href="#table4">Table 4</a>. As noted there, one of the benefits in
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndSSL 3.0 is that it adds support of certificate chain loading. This feature
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndallows a server to pass a server certificate along with issuer certificates
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndto the browser. Chain loading also permits the browser to validate the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndserver certificate, even if Certificate Authority certificates are not
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndinstalled for the intermediate issuers, since they are included in the
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsfcertificate chain. SSL 3.0 is the basis for the Transport Layer Security
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd[<a href="#TLS1">TLS</a>] protocol standard, currently in development by
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndthe Internet Engineering Task Force (IETF).</p>
5b111d121ddb14d690dde7c180402d0b9a030b7and<h3><a name="session" id="session">Establishing a Session</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The SSL session is established by following a handshake sequence
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd between client and server, as shown in <a href="#figure1">Figure 1</a>. This sequence may vary, depending on whether the server
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd is configured to provide a server certificate or request a client
5b111d121ddb14d690dde7c180402d0b9a030b7and certificate. Although cases exist where additional handshake steps
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd are required for management of cipher information, this article
5b111d121ddb14d690dde7c180402d0b9a030b7and summarizes one common scenario. See the SSL specification for the full
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd range of possibilities.</p>
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>Once an SSL session has been established, it may be reused. This
5b111d121ddb14d690dde7c180402d0b9a030b7and avoids the performance penalty of repeating the many steps needed
5b111d121ddb14d690dde7c180402d0b9a030b7and to start a session. To do this, the server assigns each SSL session a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd unique session identifier which is cached in the server and which the
5b111d121ddb14d690dde7c180402d0b9a030b7and client can use in future connections to reduce the handshake time
157312a2bcbad225c12462fc6d74b1aa3f32dceehumbedooh (until the session identifier expires from the cache of the server).</p>
b6510e6d31bef4348df2678107930e1ad46d0954nd <img src="/images/ssl_intro_fig1.gif" alt="" width="423" height="327" /><br />
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <a id="figure1" name="figure1"><dfn>Figure 1</dfn></a>: Simplified SSL
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Handshake Sequence</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The elements of the handshake sequence, as used by the client and
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd server, are listed below:</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Negotiate the Cipher Suite to be used during data transfer</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Establish and share a session key between client and server</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Optionally authenticate the server to the client</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Optionally authenticate the client to the server</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The first step, Cipher Suite Negotiation, allows the client and
5b111d121ddb14d690dde7c180402d0b9a030b7and server to choose a Cipher Suite supported by both of them. The SSL3.0
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd protocol specification defines 31 Cipher Suites. A Cipher Suite is
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd defined by the following components:</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Message Digest for creating the Message Authentication Code (MAC)</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>These three elements are described in the sections that follow.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="keyexchange" id="keyexchange">Key Exchange Method</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The key exchange method defines how the shared secret symmetric
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd cryptography key used for application data transfer will be agreed
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd upon by client and server. SSL 2.0 uses RSA key exchange only, while
5b111d121ddb14d690dde7c180402d0b9a030b7and SSL 3.0 supports a choice of key exchange algorithms including
5b111d121ddb14d690dde7c180402d0b9a030b7and RSA key exchange (when certificates are used), and Diffie-Hellman key
5b111d121ddb14d690dde7c180402d0b9a030b7and exchange (for exchanging keys without certificates, or without prior
5b111d121ddb14d690dde7c180402d0b9a030b7and communication between client and server).</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>One variable in the choice of key exchange methods is digital
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd signatures -- whether or not to use them, and if so, what kind of
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf signatures to use. Signing with a private key provides protection
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd against a man-in-the-middle-attack during the information exchange
5b111d121ddb14d690dde7c180402d0b9a030b7and used to generating the shared key [<a href="#AC96">AC96</a>, p516].</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="ciphertransfer" id="ciphertransfer">Cipher for Data Transfer</a></h3>
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf <p>SSL uses conventional symmetric cryptography, as described earlier,
5b111d121ddb14d690dde7c180402d0b9a030b7and for encrypting messages in a session.
5b111d121ddb14d690dde7c180402d0b9a030b7and There are nine choices of how to encrypt, including the option not to
5b111d121ddb14d690dde7c180402d0b9a030b7and encrypt:</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>Stream Ciphers
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>CBC Block Ciphers
5b111d121ddb14d690dde7c180402d0b9a030b7and <p>"CBC" refers to Cipher Block Chaining, which means that a
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd portion of the previously encrypted cipher text is used in the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd encryption of the current block. "DES" refers to the Data Encryption
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd Standard [<a href="#AC96">AC96</a>, ch12], which has a number of
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf variants (including DES40 and 3DES_EDE). "Idea" is currently one of
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf the best and cryptographically strongest algorithms available,
5b111d121ddb14d690dde7c180402d0b9a030b7and and "RC2" is a proprietary algorithm from RSA DSI [<a href="#AC96">AC96</a>, ch13].</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="digestfuntion" id="digestfuntion">Digest Function</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The choice of digest function determines how a digest is created
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd from a record unit. SSL supports the following:</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The message digest is used to create a Message Authentication Code
5b111d121ddb14d690dde7c180402d0b9a030b7and (MAC) which is encrypted with the message to verify integrity and to
5b111d121ddb14d690dde7c180402d0b9a030b7and protect against replay attacks.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="handshake" id="handshake">Handshake Sequence Protocol</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd for performing the client and server SSL session establishment.</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>The <dfn>SSL Change Cipher Spec Protocol</dfn> for actually
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd establishing agreement on the Cipher Suite for the session.</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <li>The <dfn>SSL Alert Protocol</dfn> for conveying SSL error
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd messages between client and server.</li>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>These protocols, as well as application protocol data, are
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd encapsulated in the <dfn>SSL Record Protocol</dfn>, as shown in
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <a href="#figure2">Figure 2</a>. An encapsulated protocol is
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd transferred as data by the lower layer protocol, which does not
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd examine the data. The encapsulated protocol has no knowledge of the
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd underlying protocol.</p>
b6510e6d31bef4348df2678107930e1ad46d0954nd <img src="/images/ssl_intro_fig2.gif" alt="" width="428" height="217" /><br />
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <a id="figure2" name="figure2"><dfn>Figure 2</dfn></a>: SSL Protocol Stack
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The encapsulation of SSL control protocols by the record protocol
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd means that if an active session is renegotiated the control protocols
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf will be transmitted securely. If there was no previous session,
5b111d121ddb14d690dde7c180402d0b9a030b7and the Null cipher suite is used, which means there will be no encryption and
5b111d121ddb14d690dde7c180402d0b9a030b7and messages will have no integrity digests, until the session has been
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd established.</p>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="datatransfer" id="datatransfer">Data Transfer</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>The SSL Record Protocol, shown in <a href="#figure3">Figure 3</a>,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd is used to transfer application and SSL Control data between the
5b111d121ddb14d690dde7c180402d0b9a030b7and client and server, where necessary fragmenting this data into smaller units,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd or combining multiple higher level protocol data messages into single
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd units. It may compress, attach digest signatures, and encrypt these
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd units before transmitting them using the underlying reliable transport
5b111d121ddb14d690dde7c180402d0b9a030b7and protocol (Note: currently, no major SSL implementations include support
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd for compression).</p>
b6510e6d31bef4348df2678107930e1ad46d0954nd <img src="/images/ssl_intro_fig3.gif" alt="" width="423" height="323" /><br />
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <a id="figure3" name="figure3"><dfn>Figure 3</dfn></a>: SSL Record Protocol
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<h3><a name="securehttp" id="securehttp">Securing HTTP Communication</a></h3>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd <p>One common use of SSL is to secure Web HTTP communication between
5b111d121ddb14d690dde7c180402d0b9a030b7and a browser and a webserver. This does not preclude the use of
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf non-secured HTTP - the secure version (called HTTPS) is the same as
9a58dc6a2b26ec128b1270cf48810e705f1a90dbsf plain HTTP over SSL, but uses the URL scheme <code>https</code>
5b111d121ddb14d690dde7c180402d0b9a030b7and rather than <code>http</code>, and a different server port (by default,
5b111d121ddb14d690dde7c180402d0b9a030b7and port 443). This functionality is a large part of what <code class="module"><a href="/mod/mod_ssl.html">mod_ssl</a></code> provides for the Apache webserver.</p>
5a58787efeb02a1c3f06569d019ad81fd2efa06end</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
5a58787efeb02a1c3f06569d019ad81fd2efa06end<h2><a name="references" id="references">References</a></h2>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>Bruce Schneier, <q>Applied Cryptography</q>, 2nd Edition, Wiley,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd1996. See <a href="http://www.counterpane.com/">http://www.counterpane.com/</a> for various other materials by Bruce
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndSchneier.</dd>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>ITU-T Recommendation X.208, <q>Specification of Abstract Syntax Notation
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalicOne (ASN.1)</q>, last updated 2008. See <a href="http://www.itu.int/ITU-T/asn1/">http://www.itu.int/ITU-T/asn1/</a>.
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>ITU-T Recommendation X.509, <q>The Directory - Authentication
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalicFramework</q>. For references, see <a href="http://en.wikipedia.org/wiki/X.509">http://en.wikipedia.org/wiki/X.509</a>.
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndRSA Laboratories Technical Notes, See <a href="http://www.rsasecurity.com/rsalabs/pkcs/">http://www.rsasecurity.com/rsalabs/pkcs/</a>.</dd>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>N. Freed, N. Borenstein, <q>Multipurpose Internet Mail Extensions
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd(MIME) Part One: Format of Internet Message Bodies</q>, RFC2045.
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalicSee for instance <a href="http://tools.ietf.org/html/rfc2045">http://tools.ietf.org/html/rfc2045</a>.</dd>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>Alan O. Freier, Philip Karlton, Paul C. Kocher, <q>The SSL Protocol
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32ndVersion 3.0</q>, 1996. See <a href="http://www.netscape.com/eng/ssl3/draft302.txt">http://www.netscape.com/eng/ssl3/draft302.txt</a>.</dd>
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd<dd>Tim Dierks, Christopher Allen, <q>The TLS Protocol Version 1.0</q>,
3a5c8a7c39f03520463a70cf3f90091dc3a1eb32nd1999. See <a href="http://ietf.org/rfc/rfc2246.txt">http://ietf.org/rfc/rfc2246.txt</a>.</dd>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic2006. See <a href="http://tools.ietf.org/html/rfc4346">http://tools.ietf.org/html/rfc4346</a>.</dd>
af3e63a9555a3512d03c30bb84afc0b4a51ebd14igalic2008. See <a href="http://tools.ietf.org/html/rfc5246">http://tools.ietf.org/html/rfc5246</a>.</dd>
cb0951ea9250cd378a00ec2b55a47b1904100023yoshiki<p><span>Available Languages: </span><a href="/en/ssl/ssl_intro.html" title="English"> en </a> |
25dc1b1dfaeed1c7f8c5f51ba2970dd201b63893nd<a href="/fr/ssl/ssl_intro.html" hreflang="fr" rel="alternate" title="Fran�ais"> fr </a> |
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung<a href="/ja/ssl/ssl_intro.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a></p>
727872d18412fc021f03969b8641810d8896820bhumbedooh</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
727872d18412fc021f03969b8641810d8896820bhumbedoohvar comments_shortname = 'httpd';
cc7e1025de9ac63bd4db6fe7f71c158b2cf09fe4humbedoohvar comments_identifier = 'http://httpd.apache.org/docs/trunk/ssl/ssl_intro.html';
0d0ba3a410038e179b695446bb149cce6264e0abnd(function(w, d) {
cc7e1025de9ac63bd4db6fe7f71c158b2cf09fe4humbedooh if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
727872d18412fc021f03969b8641810d8896820bhumbedooh d.write('<div id="comments_thread"><\/div>');
0d0ba3a410038e179b695446bb149cce6264e0abnd var s = d.createElement('script');
ac082aefa89416cbdc9a1836eaf3bed9698201c8humbedooh s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
0d0ba3a410038e179b695446bb149cce6264e0abnd (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
727872d18412fc021f03969b8641810d8896820bhumbedooh d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
0d0ba3a410038e179b695446bb149cce6264e0abnd})(window, document);
205f749042ed530040a4f0080dbcb47ceae8a374rjung<p class="apache">Copyright 2015 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
af33a4994ae2ff15bc67d19ff1a7feb906745bf8rbowen<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
0d0ba3a410038e179b695446bb149cce6264e0abndif (typeof(prettyPrint) !== 'undefined') {
7fec19672a491661b2fe4b29f685bc7f4efa64d4nd prettyPrint();