Web Security, Privacy and Commerce, 2nd Edition
only for RuBoard - do not distribute or recompile |
Appendix B. The SSL/TLS Protocol
This appendix describes the SSL Version 3.0 protocol introduced in Chapter 5. It gives a general overview of the protocol that's appropriate for a semi-technical audience.
The Internet Engineering Task Force (IETF) Transport Layer Security (TLS) working group was established in 1996 to create an open stream encryption standard. The group began working with SSL Version 3.0 and, in 1999, published RFC 2246. "TLS Protocol Version 1.0" RFC 2712 adds Kerberos authentication to TLS. RFC 2817 and 2818 apply to TLS using HTTP/1.1.
TLS is a general-purpose protocol for encrypting web, email, and other stream-oriented information sent over the Internet. But while TLS may eventually supersede SSL, it could be years before this happens. Even once TLS becomes widely used, people may still call it SSL by sheer force of habit.
The charter for the TLS working group can be found at http://www.ietf.org/html.charters/tls-charter.html.
only for RuBoard - do not distribute or recompile |