RE: SSL workings

["dave kleiman" <dave () isecureu com>]

As you establish the connection, the port your client uses may change as you
go from page to page within the SSL transaction.  You will even establish a
temporary port connect to crl.verisign.com (or whomever the certificate is
issued by) to verify the Certificate. But you will always be connected to
0.0.0.0:https (443) by default.

Each piece of data is transmitted from the client port to the server port
that is established.

Is that what you are asking?


 
_______________________________
Dave Kleiman, CISSP, MCSE, CIFI
dave () isecureu com
www.SecurityBreachResponse.com

"High achievement always takes place in the framework of high expectation."
Jack Kinder

 



-----Original Message-----
From: Trystano () aol com [mailto:Trystano () aol com] 
Sent: Tuesday, December 02, 2003 20:08
To: dave () isecureu com; security-basics () securityfocus com
Subject: Re: SSL workings


Cheers, Dave, for the info.

I actually know all about what SSL does etc. Maybe I worded the question 
wrong :-s

Maybe what I need to know lies a little deeper. I want to know that when a 
client machine communicates with a server, out of what port does this 
information travel from the clients machine.

And also, if a client and server communicate via SSL, is the data
transferred 
in a secure state via the same port that data is normally sent, or is the 
data transferred through a separate port??

Cheers all.

Tryst




---------------------------------------------------------------------------
----------------------------------------------------------------------------