-What is SSL?
SSL stands for Secure Sockets Layer. "Secure" implies encryption, while "Sockets Layer" denotes an addition to the Windows Sockets system, Winsock. For those who don't know, a socket is an attachment to a port on a system. You can have many sockets on one port, provided they are non-blocking (allowing control to pass through to another socket-aware application which wishes to connect to that port).
A Secure Sockets Layer means that any sockets under it are both secure and safe. The idea behind SSL was to provide an encrypted, and thus secure, route for traffic along a socket-based system, such as TCP/IP (the internet protocol). Doing this allows security in credit card transactions on the Internet, encrypted and protected communication along a data line, and overall peace of mind.
SSL uses an encryption standard developed by RSA. RSA is a world-respected American organisation that specializes in encryption and data security. Initially, they developed a cipher length of only 40 bits for use with the Secure Sockets Layer. This was considered weak, and therefore a longer, much more complicated encryption cipher of 128 bits was created. The reasoning behind it was simple: it needs to be secure.
The RSA site puts the advantage of a longer encryption length pretty clearly: because 40-bit encryption is considered to be relatively weak. 128-bits is about 309 septillion times (309,485,000,000,000,000,000,0
But what does all this encryption and security have to do with you?
Well, that's a simple question. No matter how hard you try, at times your privacy will need to be knowingly invaded so you can make use of the product offered for doing so. If you think about food, for example, one cannot eat without swallowing. When we wish to make a transaction or view a site on the internet, we have to give away enough information for it to happen, but we also want to be assured that no one else along the line gathers that data. An encrypted session means our data is not in the hands of anyone invading our privacy unless they know how to decode it. SSL uses public key encryption. To sum it up: if you use an encrypted connection or session, you can be relatively assured that there are no prying eyes along the way.
-And how do I implement SSL with SSL Tunnelling?
We know that a Secure Sockets Layer is safe, but what we don't know is what a tunnel is. In its simplest form, a tunnel is a proxy. Like proxy voting in general elections, a tunnel will relay your data back and forth for you. You may be aware, though, that there are already proxies out there. Tunnelling is done via proxies, but it is not considered to be the same as standard proxy relaying.
Tunnelling is a very special kind of proxy relay, in that it can, and does, relay data without interfering. It does this transparently and without grievance or any care for what is passing its way.
Now, if we add this ability to tunnel data, any data, in a pipe (pipelining), to the Secure Sockets Layer, we have a closed connection that is independent of the software carrying it, and something that is also encrypted. For those of you wanting to know a little more about the technicalities, the SSL layer is also classless in the sense that it does not interfere with the data passed back and forth; after all, it is encrypted and impossible to tamper with. That attribute means an SSL-capable proxy is able to transfer data out of its proxied connection to the destination required.
So to sum up, we have a secure connection that does the job and relays things in the right direction, and we have a direct tunnel that doesn't care what we pass through it. Two very useful, and almost blind, entities. All we need now is a secure proxy that we can use as the tunnel.
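The blind relay described above, as an added example that is not part of the original page: a small tunnel built on the HTTP CONNECT method, the mechanism proxies commonly use for SSL tunnelling (the page does not name it). The `dial` hook, the host `shop.example` and the payload bytes are constructed for the demonstration, and in-process socket pairs stand in for real network connections.

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes one way until EOF. The relay never parses or alters them."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)   # pass the end-of-stream on
    except OSError:
        pass

def handle_connect(client, dial):
    """Serve one CONNECT, then relay blindly; dial(host, port) is a hypothetical hook."""
    head = b""
    while b"\r\n\r\n" not in head:     # only this request head is plaintext
        data = client.recv(1024)
        if not data:
            return
        head += data
    head, _, early = head.partition(b"\r\n\r\n")
    method, target, _ = head.split(b"\r\n")[0].split(b" ", 2)
    if method != b"CONNECT":
        client.sendall(b"HTTP/1.1 405 Method Not Allowed\r\n\r\n")
        return
    host, _, port = target.decode().rpartition(":")
    upstream = dial(host, int(port))
    client.sendall(b"HTTP/1.1 200 Connection established\r\n\r\n")
    upstream.sendall(early)            # bytes that arrived with the request
    threading.Thread(target=pump, args=(upstream, client), daemon=True).start()
    pump(client, upstream)

def demo():
    """Run client, proxy and an echo 'destination' over in-process socket pairs."""
    client, proxy_side = socket.socketpair()
    proxy_up, dest = socket.socketpair()
    dialed = []
    def dial(host, port):              # stand-in for a real TCP connect
        dialed.append((host, port))
        return proxy_up
    threading.Thread(target=pump, args=(dest, dest), daemon=True).start()
    threading.Thread(target=handle_connect, args=(proxy_side, dial), daemon=True).start()
    client.sendall(b"CONNECT shop.example:443 HTTP/1.1\r\nHost: shop.example:443\r\n\r\n")
    status = client.recv(1024).split(b"\r\n")[0]
    payload = b"\x17\x03\x03\x00\x05" + b"\x9a\x01\xff\x00\x7e"  # constructed, TLS-record-shaped
    client.sendall(payload)
    echoed = b""
    while len(echoed) < len(payload):
        echoed += client.recv(1024)
    return status, dialed, echoed == payload
```

Calling `demo()` shows what the proxy can and cannot see: the destination host and port from the CONNECT line are visible to it, while everything after the 200 response passes through as opaque bytes.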