Java Reference
In-Depth Information
Two steps are involved in creating a digest value. The first is to apply a mathematical formula
to the ID/password combination. The second is to permute the mathematical calculation with a
nonce. This makes each request more secure because the digest is unique to each request.
A nonce is a server-specific data string that is uniquely generated each time a pro-
tected resource is requested.
Secure Sockets Layer (SSL)
The Secure Sockets Layer (SSL) is an authentication protocol used to send encrypted informa-
tion over the Internet. It was originally developed by Netscape to transfer secure information
between its Web browser and Web server products. Since then, it has been widely adopted and
is now one of the most popular methods for sending encrypted information over the Internet.
SSL is implemented as a layer between the TCP/IP protocol and the application layer.
The following steps are involved in sending secure messages using the SSL protocol:
A client makes a request for a resource located on a secure site.
The server signs its public key with its private key and sends the public key back to the
The client takes the returned public key and makes sure the appropriate owner signed it.
The client verifies that the key was signed by an approved certificate authority.
The client creates a key that is encrypted with the public key of the server and sends the
newly constructed key back to the server.
The server optionally compresses the information requested by the client.
The server encrypts the message using the key created in step 5.
The server transmits the message to the client.
The client receives the message.
The message is decrypted using the same key created in step 5.
The message is decompressed if necessary and delivered to the client.
All further requests restart at step 6, using the same public key.
The first 5 steps make the SSL protocol a very secure way to send information across the
Internet. The only real drawback of the SSL protocol is the performance degradation taken dur-
ing the public key encryption and decryption required during these first five steps.
Search WWH ::

Custom Search