SSL - TCP-IP



Thread: SSL

  1. SSL

    Which layer protocol is SSL?
    Is it the network layer or the transport layer.
    thanks
    Shaun


  2. Re: SSL

    oneders wrote:

    > Which layer protocol is SSL?
    > Is it the network layer or the transport layer.


    Neither. It's really a presentation layer. (flameproof suit ON)

  3. Re: SSL

    "oneders" wrote:

    > Which layer protocol is SSL?
    > Is it the network layer or the transport layer.
    > thanks
    > Shaun


    The newer or more generic (or more standards-based) name for SSL is TLS
    (Transport Layer Security), specified in RFC 4346. It operates at, and
    just above, the Transport Layer, I guess one could say. Since it is used
    in setting up sessions, maybe you could describe it as operating at the
    Session Layer (Layer 5).

    Quoting from RFC 4346:

    The protocol is
    composed of two layers: the TLS Record Protocol and the TLS Handshake
    Protocol. At the lowest level, layered on top of some reliable
    transport protocol (e.g., TCP[TCP]), is the TLS Record Protocol. The
    TLS Record Protocol provides connection security that has two basic
    properties:

    - The connection is private. Symmetric cryptography is used for
    data encryption (e.g., DES [DES], RC4 [SCH] etc.). The keys for
    this symmetric encryption are generated uniquely for each
    connection and are based on a secret negotiated by another
    protocol (such as the TLS Handshake Protocol). The Record
    Protocol can also be used without encryption.

    - The connection is reliable. Message transport includes a message
    integrity check using a keyed MAC. Secure hash functions (e.g.,
    SHA, MD5, etc.) are used for MAC computations. The Record
    Protocol can operate without a MAC, but is generally only used in
    this mode while another protocol is using the Record Protocol as a
    transport for negotiating security parameters.

    The TLS Record Protocol is used for encapsulation of various higher-
    level protocols. One such encapsulated protocol, the TLS Handshake
    Protocol, allows the server and client to authenticate each other and
    to negotiate an encryption algorithm and cryptographic keys before
    the application protocol transmits or receives its first byte of
    data.

    [ ... ]

    One advantage of TLS is that it is application protocol independent.
    Higher level protocols can layer on top of the TLS Protocol
    transparently. The TLS standard, however, does not specify how
    protocols add security with TLS; the decisions on how to initiate TLS
    handshaking and how to interpret the authentication certificates
    exchanged are left to the judgment of the designers and implementors
    of protocols that run on top of TLS.

    End quote.

    Bert
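
The layering in the RFC text quoted above, as an added example that is not part of the original post: TCP delivers an unframed byte stream, and the Record Protocol puts its own 5-byte header (content type, version, length) on each record so that handshake and application data can share one connection. The `RecordReader` class and the sample bytes are constructed for illustration.

```python
import struct

# ContentType values from RFC 4346, section 6.2.1.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_FRAGMENT = 2**14 + 2048  # upper bound on TLSCiphertext.length in RFC 4346


class RecordReader:
    """Reassembles TLS records from arbitrary TCP read chunks."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        """Add bytes from one TCP read; return every record now complete."""
        self._buf += chunk
        records = []
        while len(self._buf) >= 5:  # 5-byte record header
            ctype, major, minor, length = struct.unpack("!BBBH", self._buf[:5])
            if ctype not in CONTENT_TYPES:
                raise ValueError(f"unknown content type {ctype}")
            if major != 3:
                raise ValueError(f"unexpected major version {major}")
            if length > MAX_FRAGMENT:
                raise ValueError(f"record length {length} exceeds limit")
            if len(self._buf) < 5 + length:
                break  # record incomplete: wait for more TCP data
            fragment = bytes(self._buf[5:5 + length])
            del self._buf[:5 + length]
            records.append((CONTENT_TYPES[ctype], (major, minor), fragment))
        return records


def demo():
    # Constructed sample: one handshake record and one application_data
    # record, both version 3.2 (TLS 1.1), with placeholder payload bytes.
    stream = (bytes([22, 3, 2, 0, 4]) + b"\x01\x00\x00\x00" +
              bytes([23, 3, 2, 0, 3]) + b"abc")
    reader = RecordReader()
    # Split at points unrelated to record boundaries, as TCP may do.
    return [reader.feed(c) for c in (stream[:3], stream[3:11], stream[11:])]


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The first read yields no record, the second completes the handshake record, and the third completes the application data record: record boundaries belong to TLS, not to TCP.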


  4. Re: SSL

    oneders wrote:
    > Which layer protocol is SSL?
    > Is it the network layer or the transport layer.
    > thanks
    > Shaun
    >


    When is the homework or take-home exam due?


  5. Re: SSL

    Isn't SSL also application independent..?
    The basic difference that I know of between SSL and TLS is that SSL uses
    MAC and TLS uses HMAC, which is more secure.
    I really appreciate the quick reply(ies).
    Thanks
    Shaun

    Albert Manfredi wrote:
    > "oneders" wrote:
    >
    > > Which layer protocol is SSL?
    > > Is it the network layer or the transport layer.
    > > thanks
    > > Shaun

    >
    > The newer or more generic (or more standards-based) name for SSL is TLS
    > (Transport Layer Security), specified in RFC 4346. It operates at, and
    > just above, the Transport Layer, I guess one could say. Since it is used
    > in setting up sessions, maybe you could describe it as operating at the
    > Session Layer (Layer 5).
    >
    > Quoting from RFC 4346:
    >
    > The protocol is
    > composed of two layers: the TLS Record Protocol and the TLS Handshake
    > Protocol. At the lowest level, layered on top of some reliable
    > transport protocol (e.g., TCP[TCP]), is the TLS Record Protocol. The
    > TLS Record Protocol provides connection security that has two basic
    > properties:
    >
    > - The connection is private. Symmetric cryptography is used for
    > data encryption (e.g., DES [DES], RC4 [SCH] etc.). The keys for
    > this symmetric encryption are generated uniquely for each
    > connection and are based on a secret negotiated by another
    > protocol (such as the TLS Handshake Protocol). The Record
    > Protocol can also be used without encryption.
    >
    > - The connection is reliable. Message transport includes a message
    > integrity check using a keyed MAC. Secure hash functions (e.g.,
    > SHA, MD5, etc.) are used for MAC computations. The Record
    > Protocol can operate without a MAC, but is generally only used in
    > this mode while another protocol is using the Record Protocol as a
    > transport for negotiating security parameters.
    >
    > The TLS Record Protocol is used for encapsulation of various higher-
    > level protocols. One such encapsulated protocol, the TLS Handshake
    > Protocol, allows the server and client to authenticate each other and
    > to negotiate an encryption algorithm and cryptographic keys before
    > the application protocol transmits or receives its first byte of
    > data.
    >
    > [ ... ]
    >
    > One advantage of TLS is that it is application protocol independent.
    > Higher level protocols can layer on top of the TLS Protocol
    > transparently. The TLS standard, however, does not specify how
    > protocols add security with TLS; the decisions on how to initiate TLS
    > handshaking and how to interpret the authentication certificates
    > exchanged are left to the judgment of the designers and implementors
    > of protocols that run on top of TLS.
    >
    > End quote.
    >
    > Bert
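
The keyed MAC mentioned in the quoted RFC text, as an added example that is not part of the thread: RFC 4346 (section 6.2.3.1) computes the record MAC with HMAC over an implicit 64-bit sequence number followed by the record's type, version, length and fragment. The secret and the fragment below are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac
import struct


def record_mac(mac_secret, seq_num, content_type, version, fragment,
               hash_name="sha1"):
    """HMAC over seq_num + type + version + length + fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(mac_secret, header + fragment, hash_name).digest()


def verify_record(mac_secret, seq_num, content_type, version, fragment, mac):
    """Recompute the MAC and compare in constant time."""
    expected = record_mac(mac_secret, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, mac)


def demo():
    secret = b"\x0b" * 20            # constructed MAC write secret
    frag = b"GET / HTTP/1.0\r\n\r\n"  # constructed application data
    tag = record_mac(secret, 0, 23, (3, 2), frag)
    return {
        # Unmodified record at the expected sequence number.
        "valid": verify_record(secret, 0, 23, (3, 2), frag, tag),
        # One byte of the fragment changed in transit.
        "tampered": verify_record(secret, 0, 23, (3, 2),
                                  frag.replace(b"/", b"/x", 1), tag),
        # Same record presented again: the receiver's counter is now 1.
        "replayed": verify_record(secret, 1, 23, (3, 2), frag, tag),
        # Content type rewritten from application_data (23) to alert (21).
        "retyped": verify_record(secret, 0, 21, (3, 2), frag, tag),
    }


if __name__ == "__main__":
    print(demo())
```

Because the sequence number and the header fields are inside the MAC input, a replayed, reordered or relabelled record fails verification even though its fragment bytes are untouched.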


