Security Basics mailing list archives
RE: SSL workings
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Tue, 02 Dec 2003 17:56:57 -0600
Yes, it sounds like you're a beginner; we all were at one time. Being a beginner, however, does not excuse you from your responsibility of _attempting_ to research a topic on your own before bringing it to a public forum. See http://www.catb.org/~esr/faqs/smart-questions.html for information on "How to Ask Questions the Smart Way". Now, to answer your question, and some of the questions you inevitably _will_ have the deeper you research, first memorize this URL to find RFCs: http://search.ietf.org/ AFAIK, SSL was a Netscape spec, though, so it's here: http://wp.netscape.com/eng/ssl3/draft302.txt And, you might as well read up on the successor to SSL, TLS: http://www.ietf.org/rfc/rfc2246.txt TLS again, this obseletes the preceeding doc: http://www.ietf.org/rfc/rfc3546.txt Depending on _how_ new you are, you may also find this useful: http://ietf.org/rfc/rfc2151.txt I don't intend any offense; it just pisses me off when it appears someone hasn't even attempted to help themselves before asking or expecting the community to help them. Help us help you. Joey Peloquin -----Original Message----- From: trystano () aol com [mailto:trystano () aol com] Sent: Tuesday, December 02, 2003 11:18 AM To: security-basics () securityfocus com Subject: SSL workings Can some please highlight exactly how SSL works. I know it encrypts data sent between a client and a server and uses authentications through use of certificates etc. But does it secure the a socket/port out of which the data is being transffered. Does SSL send data through a different port that normal unprotected data transfers? Sorry if this sounds kind of beginner like :-s Cheers Tryst
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader of this message is not the intended recipient, you are hereby notified that your access is unauthorized, and any review, dissemination, distribution or copying of this message including any attachments is strictly prohibited. If you are not the intended recipient, please contact the sender and delete the material from any computer.
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- SSL workings trystano (Dec 02)
- RE: SSL workings Joey Peloquin (Dec 03)
- RE: SSL workings dave kleiman (Dec 03)
- Re: SSL workings Creed Erickson (Dec 03)
- Re: SSL workings Markus Müssig (Dec 03)
- <Possible follow-ups>
- Re: SSL workings Trystano (Dec 03)
- RE: SSL workings dave kleiman (Dec 03)
- RE: SSL workings Joey Peloquin (Dec 03)
- SSL workings Boyer, G. T. IT2 ISSM Office (Dec 03)
- RE: SSL workings Boyer, G. T. IT2 ISSM Office (Dec 03)
- CSI/FBI Survey Meritt James (Dec 04)