How
SSL Works
SSL installs a transparent
layer rather than building on HTTP. This means that the system works with
any standard protocol including HTTP, FTP, Telnet or Gopher. The system
works by establishing a separate secure channel for all messages using HTTP.
This secure channel is set up by the SSL protocols on the server and
browsers. The initial handshaking defines the keys used and establishes the
connection – a conversation would sound like this:
1. The browser communicates with
the Web server.
2. The browser and server
exchange ID information containing authentication details.
3. The browser checks the
server’s ID information and uses this to generate a new key.
4. The browser now asks for a
server-verify of a new key.
5. The browser now
authenticates the server with the key and the previous authentication
details.
6. The key can now be used to
encrypt all information over the newly established secure channel, i.e.
credit card details etc.
Please note. SSL only secures
the connection between your browser and the web server. It does nothing to
protect the information once it is on the server.
|
