In Chapter 11 on page 377, we discussed the capabilities for invoking cryptographic functions from within Java code. However, most programmers and application designers would prefer to work with ready-built cryptographic protocols rather than have to create them from the basic elements of encryption and digital signatures.

Secure Sockets Layer is the most widely used protocol for implementing cryptography in the Web. The advantage of a protocol such as SSL is that it removes the need for the application developer to deal with the nuts and bolts of cryptography. J2EE can make use of this function in two ways: by using the SSL support built into the J2EE products and/or by using an SSL