The SSL process works as follows:

  1. Client connects to web server and gives a list of available ciphers.
  2. Server picks the strongest cipher that both it and the client support, and sends back a certificate with its name and public encryption key, signed by a trusted Certificate Authority (such as Verisign).
  3. The client checks the certificate with the CA. In practice, clients tend to have a collection of CAs locally, so this can be done without having to contact the CA in realtime, and therefore more quickly.
  4. The client sends back a random number encrypted with the server’s public key. Only the client knows the number, and only the server can decrypt it (using its private key); this is where the third-party security comes in.
  5. Server and client use this random number to generate key material to use for the rest of the transaction.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">