As stated in my previous blog post, SSL
(Secure Socket Layer) is meant to enable encrypted data to be
transferred over the internet, while PKI (Public key infrastructure)
is meant to distribute and verify certificates to users (websites,
programs, etc) that signify a legitimate source and secure data. Data
sent by SSL that has a PKI certificate is not meant to be inspected
by anyone, except for the parties involved in the requests and
responses.
Thursday, February 16, 2012
Encryption decrypted?...
SSL, TLS, and PKI are very important tools for security on the internet. SSL is an abbreviation for Secure Socket Layer, TLS means Transport Layer Security.
Both of these are
application layer encryption protocols. PKI means Public key
infrastructure. PKI is a various assortment of implementations, such
as software, hardware, and people. PKI is used mainly to identify
and certify legitimate users based on a key that has been assigned.
Essentially, PKI uses Certificate and Registration Authorities (CA &
RA) to digitally sign the user into the database, and assign a key
that is generated pseudo-randomly and encrypted with cryptographic
protocols, such as SSL for example.
Subscribe to:
Posts (Atom)