5/3/11

SSL V2 Protocol

SSL stands for Secure Socket Layer. The protocol is the security system at the heart of HTTPS (Hypertext Transfer Protocol Secure). Nescape Communications developed SSL and HTTP to answer demand for a standard security method for web pages accepting credit card details. SSL version 1 was a development phase. When SSL was released to the general public it had already evolved into SSL version 2 (SSL v2).
  • Function

    • SSL v2 includes two security measures. The first is a system of authentication based on certificates. A server proves its identity through a certificate purchased from a certificate authority (CA). The client refers to the CA's database to verify the certificate. The second measure is encryption of the connection, which is established at the point of negotiating the connection.

    Features

    • Version 2 of SSL improved on version 1 by enabling a choice of encryption systems. The system offers a choice of six cypher suites, all based on the RSA public key method of encryption.

    Development

    • SSL v2 was released in 1995. However, a number of security weaknesses caused it to be replaced by SSL version 3 in 1996. Version 3 was the most popular incarnation of SSL. It eventually was replaced by the Transport Layer Security (TLS) protocol. However, SSL was so successful that many still refer to SSL even though their implementation includes TLS.

  • No comments: