What is SSL? (Secure Sockets Layer)?

Question:

2009-08-26 03:37:53 UTC

What is SSL? (Secure Sockets Layer)?

Seven answers:

2009-08-26 03:42:29 UTC

It's actually called 'secure socket slayer' and it is a particularly nasty little virus that attacks and slays the secure socket inside your computer, this will result in your computer spontaneously combusting at any time.

2009-08-26 04:21:08 UTC

Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.

Another protocol for transmitting data securely over the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard

2009-08-26 03:48:19 UTC

hi SSL is a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data − a public key known to everyone and a private or secret key known only to the recipient of the message.

Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.

2009-08-26 05:05:32 UTC

"https" ('s' indicating 'secure) indicates that some method of signing a certificate (Verisign for example) was used to authenticate who the site says it is, (and a few other verification steps).

When available for a site, it merely indicates that traffic goes to who is indicated in the address bar, using encryption (so no one else can 'read' or intercept it).

In essence, it is a method of communication: nothing else.

It does not give any indication of reliability, trustworthiness, internal security, or anything else about a any particular business; or the content of the website or the presence of malware.

That you must do on your own.

Note: some sites 'sign' there own certificate & use a commonly available encryption method. Although the site may in fact be "on the level", this type of certificate can be questionable at the very least. When in doubt, right click the browser padlock and examine the certificate properties to verify exactly what and how it's being 'certified'.

Also note that even SSL (now termed "TLS") secure communication has it's weaknesses and know vulnerabilities, and is not an absolute state of affairs over the Internet.

2009-08-26 04:00:42 UTC

SSL is a transaction security standard developed by Netscape Communications to enable commercial transactions to take place over the otherwise notoriously non secure Internet. It's one of a few competing security standards.

More Details : http://www.openwavecomp.com/

colenikol

2009-08-26 03:48:55 UTC

Its a form of web security. Details are here: http://en.wikipedia.org/wiki/Ssl

Digital Bangalee

2009-08-26 03:42:09 UTC

Hm....

some kind of security sockets i guess

ⓘ

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.