Technically SSL works as follows:
At the "https" Your browser recognises that he mentioned server, a certificate request. For the server the browser has returned a certificate, it must be certified by the certification body. Then notify the server of this certificate directly to the browser. The browser receives from the directory service of the certification authority information, whether the certificate is valid. Based on these data, the browser can now check whether he really is connected to the server, in the URL. If so, your browser indicates a secure connection. For Internet Explorer and Firefox, this is done by a closed padlock. The Netscape Navigator / Communicator shows a secure page by the key intact.
Then the two agree on a balanced computer keys. This understanding is happening in the safe asymmetric encryption. To really on the safe side, your browser sends the server before the start of the actual data exchange some test messages. This can only answer the server when it is actually the server, which he pretends to be.
Looking even further the three objectives of encryption: does the SSL protocol so that a secure connection:
1st Your data is confidential, because the content of your messages only encrypted over the network.
2nd The authenticity of the server.
3rd Your data is protected from tampering, as effective algorithms examine whether the data is complete and unaltered their respective recipients.
Meanwhile, SSL as a standard for encryption established browser. Meanwhile, but also Transport Layer Security (TLS). TLS is in place by SSL 3.0 standardized and expanded the range of use encryption methods to the Advanced Encryption Standard (AES). TLS is based on the more complex encryption methods Triple DES (Data Encryption Standard - Datenverschlüsselungs standard) or other algorithms. It supports the encryption of e-mails and the proof of identity for commercial online transactions. |
