SSL and TLS

An Overview of A Secure Communications Protocol

SSL/TLS is widely used to securely send data over the Internet, however it is not a magic solution, and without an understanding of how the protocol works and how the underlying technologies it is at best difficult to fully utilise SSL/TLS and at worst easy to use SSL/TLS in an insecure manner.
This presentation will explains how SSL/TLS work, from a high level protocol discussion of data integrity, confidentiality and endpoint verification, to a low level discussion of the different messages that make up the SSL/TLS protocol and the encryption techniques that ultimately secure the connection.
Presented at: Security Mini-Conf at Linux.Conf.Au, Canberra, April 2005
Paper: postscript, PDF, latex source.

| Horms Solutions | Simon Horman's Personal Page |

SSL/TLS is widely used to securely send data over the Internet, however it is not a magic solution, and without an understanding of how the protocol works and how the underlying technologies it is at best difficult to fully utilise SSL/TLS and at worst easy to use SSL/TLS in an insecure manner. This presentation will explains how SSL/TLS work, from a high level protocol discussion of data integrity, confidentiality and endpoint verification, to a low level discussion of the different messages that make up the SSL/TLS protocol and the encryption techniques that ultimately secure the connection.
Presented at:	Security Mini-Conf at Linux.Conf.Au, Canberra, April 2005
Paper:	postscript, PDF, latex source.