On Wed, Apr 05, 2000 at 10:51:50AM +0530, Binand Raj S. wrote:
> I am slightly confused about all these stuff. Mainly, ssh, openssh,
> ssl and so on. So far as I can make out, ssl is the library and ssh is
> the application.
Hi,
> The major contribution of Netscape to e-commerce is the SSL Protocol,which
has been endorsed by a list of companies as long as your arm, including the
Bank of America,Wells Fargo,VISA International etc....
[Based on encryption technology developed by RSA DSI ]SSL is a layer that
sits between the basic TCP/IP connection and any app specific protocol like
http,ftp etc...
When a user connects to a secure server that has e-commerce as its main
purpose,the browser -(in this case Netscape)-and the server perform a
handshaking routine that authenticates the the identity of the server from
its digital signature.They then secretly agree on the level of security
needed for the transaction and set of public encryption keys used.After the
connection is established the data stream between the user and merchant is
encrypted.
Not only is the credit card info encrypted,but the entire transaction is
scrambled as well.
IE -- also includes a security protocol known as SET with roughly the same
specs.
Now open ssh is a protocol, built into OpenBSD,using 448bit Blowfish
encryption(That makes it the most secure system available***Win2000 uses
128 bit keys only).The mentioned algorithm is one of the strongest available
to
the general public without nasty license/patent laws,source code available
for free from Counterpane Labs,to be used in whatever app you want to make.
bye
Kaushik Sen
Equitel Franchise Pvt Ltd.
mail to -<[EMAIL PROTECTED]> or
<[EMAIL PROTECTED]>
-----------------------------------------------------------------------
For more information on the LIH mailing list see:
http://lists.linux-india.org/lists/LIH
