===== RFC6101 - The Secure Sockets Layer (SSL) Protocol Version 3.0 =====

[[dido:public:ra:xapend:xapend.b_stds:tech:ietf:start| return to the IETF Standards ]]

| Title | The Secure Sockets Layer (SSL) Protocol Version 3.0 |
| Acronym | SSL |
| Version | 3.0 |
| Document Number | RFC6101 |
| Release Date | August 2011 |
| Reference | https://tools.ietf.org/html/rfc6101 |

Data sheet for The [[dido:public:ra:xapend:xapend.a_glossary:s:ssl|Secure Sockets Layer (SSL)]] Protocol Version 3.0

: **Note**: The following is an excerpt from the official IETF RFC. It is provided here as a convenience and is not authoritative. Refer to the original document as the authoritative reference.

==== Introduction ====

: //The primary [[dido:public:ra:xapend:xapend.a_glossary:g:goal|goal]] of the SSL protocol is to provide privacy and reliability between two communicating [[dido:public:ra:xapend:xapend.a_glossary:a:application|applications]]. The protocol is composed of two layers. At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [[https://tools.ietf.org/html/rfc0793 | RFC0793]]), is the SSL record protocol. The SSL record protocol is used for encapsulation of various higher level protocols. One such encapsulated protocol, the SSL handshake protocol, allows the [[dido:public:ra:xapend:xapend.a_glossary:s:server|server]] and [[dido:public:ra:xapend:xapend.a_glossary:c:client|client]] to authenticate each other and to negotiate an [[dido:public:ra:xapend:xapend.a_glossary:e:encryption|encryption]] algorithm and cryptographic [[dido:public:ra:xapend:xapend.a_glossary:k:key|keys]] before the application protocol transmits or receives its first byte of data. One advantage of SSL is that it is application protocol independent. A higher level protocol can layer on top of the SSL protocol transparently. The SSL protocol provides connection [[dido:public:ra:xapend:xapend.a_glossary:a:applicationsecurity|security]] that has three basic properties://

  * //The connection is private. Encryption is used after an initial handshake to define a secret key. Symmetric [[dido:public:ra:xapend:xapend.a_glossary:c:cryptography|cryptography]] is used for data encryption (e.g., DES, 3DES, RC4).//
  * //The peer's identity can be authenticated using asymmetric, or [[dido:public:ra:xapend:xapend.a_glossary:p:public_key|public key]], cryptography (e.g., RSA, DSS).//
  * //The connection is reliable. Message transport includes a message integrity check using a keyed Message [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|Authentication]] Code (MAC) [RFC2104]. Secure hash functions (e.g., SHA, MD5) are used for MAC computations.//