Đang chuẩn bị liên kết để tải về tài liệu:
Internet Security Cryptographic Principles, Algorithms and Protocols - Chapter 8
Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Transport Layer Security: SSLv3 and TLSv1 Secure Sockets Layer 3 (SSLv3) phiên bản được giới thiệu bởi Netscape Communications Corporation vào năm 1995. SSLeay thực hiện cả hai SSLv2 và SSLv3 và TLSv1 của việc phát hành của SSLeay-0.9.0. SSLv3 được thiết kế với công cộng và đầu vào của ngành công nghiệp và được công bố như là một tài liệu Internet-Dự thảo. Sau khi đạt đến một sự đồng thuận ý kiến để tiêu chuẩn hóa Internet, Transport Layer Security (TLS) Group được hình thành trong IETF để phát triển một phiên bản ban đầu của TLS như. | 8 Transport Layer Security SSLv3 and TLSvl Secure Sockets Layer version 3 SSLv3 was introduced by Netscape Communications Corporation in 1995. SSLeay implements both SSLv2 and SSLv3 and TLSv1 as of the release of SSLeay-0.9.0. SSLv3 was designed with public review and input from industry and was published as an Internet-Draft document. After reaching a consensus of opinion to Internet standardisation the Transport Layer Security TLS Working Group was formed within IETF in order to develop an initial version of TLS as an Internet standard. The first version of TLS is very closely compatible with SSLv3. The TLSv1 protocol provides communications privacy and data integrity between two communicating parties over the Internet. Both the SSL and TLS protocols allow client server applications to communicate in such a way that they prevent eavesdropping tampering or message forgery. The SSL or TLS protocol is composed of two layers the SSL or TLS Record Protocol and the SSL or TLS Handshake Protocol. This chapter is devoted to a full discussion of the protocols of both SSLv3 and TLSv1. 8.1 SSL Protocol SSL is a layered protocol. It is not a single protocol but rather two layers of protocols. At the lower level the SSL Record Protocol is layered on top of some reliable transport protocol such as TCP. The SSL Record Protocol is also used to encapsulate various higher-level protocols. A higher-level protocol can layer on top of the SSL protocol transparently. For example the HyperText Transfer Protocol HTTP which provides a transfer service for Web client server interaction can operate on top of the SSL Record Protocol. The SSL Record Protocol takes the upper-layer application message to be transmitted fragments the data into manageable blocks optionally compresses the data applies an MAC encrypts adds a header and transmits the result to TCP. The received data is Internet Security. Edited by M.Y. Rhee 2003 John Wiley Sons Ltd ISBN 0-470-85285-2 278 INTERNET SECURITY SSL .