SSL (Secure Sockets Layer) is a commonly-used protocol managing the security of a message transmission on the Internet. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. SSL was developed by Netscape and is now supported by Microsoft and other Internet client/server developers as well. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.
SSL is an integral part of most Web browsers (clients) and Web servers. If a web site is on a server that supports SSL, SSL can be enabled and specific Web pages can be identified as requiring SSL access. Any Web server can be enabled by using Netscape's SSLRef program library which can be downloaded for noncommercial use or licensed for commercial use. SSL is an alternative to another commonly-used security protocol, S-HTTP. Newer browsers support both SSL and S-HTTP. Currently a de facto standard, SSL has been submitted to the Internet Engineering Task Force (IETF) as a proposed official standard.
For more information on this term, go to: Security Standards and Guidelines
This was first published in December 2000