At 11:04 AM 11/29/00 -0500, Pino wrote:
>Another question...
>
>Does the SSL Server have to be a standalone or can it be a service that
>will run with what ever else exists on the server?
The "SSL server" is just another application running on a
machine. One example is Apache web server, which
can be built with mod_ssl and OpenSSL to service
HTTPS requests on port 443. There's no reason that other
applications couldn't be running on the same machine.
You can write your own server application which uses
OpenSSL to communicate with your own client
application on other machines.
>Can I have two machines communicate with each other encrypting the data
>transmitted between them? Or a network of machines from cross platforms?
Yes, though I should be careful here to make sure I understand you.
SSL is an application-layer protocol, so applications which use SSL
(and the same higher-level protocol such as HTTPS or SMTP) know
how to talk to each other.
On the other hand, if you mean that you want *all* network communication
between machines to be encrypted, and don't want to use all new
SSL-capable applications, that is different. In that case, IPSEC is more
appropriate. If you trust your local network, you can buy routers with IPSEC
already built in to send data securely to other sites. If you don't trust
your
local network, then IPSEC would have to be installed and configured on
every computer (and not all operating systems support IPSEC).
((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((
Tom Biggs
'89 FJ1200 DoD #1146
"The whole aim of practical politics is to keep the populace alarmed -
and hence clamorous to be led to safety - by menacing it with an endless
series of hobgoblins, all of them imaginary." -- H.L. Mencken
))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
