Brief Overview of SSL
Early versions of SSL—SSLv1, SSLv2 and SSLv3—were developed by Netscape Communications and made available to other vendors for implementation. As different implementations appeared with their own interpretations of not-so-well-specified aspects of the protocol, it became clear that a more formal approach to standardization was needed. In response, IETF formed the TLS working group in May of 1996 to standardize an SSL-like protocol. The result was a protocol specified in RFC 2246, a minor upgrade of SSLv3 and known as TLS, or at times as TLSv1. As the basic principles and mode of operation are the same for both SSLv3 and TLS, we use the term SSL while talking about features and capabilities common to both, reserving the terms ...
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
