SSL Specification Overview

This section provides a quick overview of the SSL (Secure Socket Layer) protocol. There are 4 sub-protocols in SSL: Record Protocol, Handshake Protocol, Change Cipher Spec Protocol, and Alert Protocol.

SSL protocol operates between the TCP/IP layer and the application layer in the communication layer model. See the following diagram:

   Client            Server

   Application       Application
   SSL               SSL
   TCP/IP            TCP/IP
      |                 |
      |-----------------|

The objective of SSL protocol is to offer to the application the following security properties:

SSL protocol is actually composed of 4 sub-protocols:

SSL's sub-protocols work together with application protocols as shown in the following diagram:

    --> Time
   |----------------------------------------------------------------|
   | SSL Handshake | SSL Change Cipher Spec | Application/SSL Alert |
   |   Protocol    |        Protocol        |       Protocol        |
   |----------------------------------------------------------------|
   |                      SSL Record Protocol                       |
   |----------------------------------------------------------------|
   |                        TCP/IP Protocol                         |
   |----------------------------------------------------------------|

As you can see, the handshake protocol is very important for establishing the SSL. The following diagram shows you what are the messages used in the handshake protocol and in what sequence they are used:

   Client                  Server

   Client Hello        -->
                       <-- Server Hello
                       <-- Server Certificate (optional)
                       <-- Server Key Exchange (optional)
                       <-- Certificate Request (optional)
   Certificate         -->
   Client Key Exchange -->
   Certificate Verify  -->
   Change Cipher Spec  -->
   Finished            -->
                       <-- Change Cipher Spec
                       <-- Finished

For details of the SSL specifications, see "The SSL Protocol, Version 3.0" at http://wp.netscape.com/eng/ssl3/draft302.txt.

How can SSL ensure privacy? SSL allows the server and the client to gain privacy with the following approach:

Table of Contents

 About This JDK Tutorial Book

 JDK (Java Development Kit)

 Java Date-Time API

 Date, Time and Calendar Classes

 Date and Time Object and String Conversion

 Number Object and Numeric String Conversion

 Locales, Localization Methods and Resource Bundles

 Calling and Importing Classes Defined in Unnamed Packages

 HashSet, Vector, HashMap and Collection Classes

 Character Set Encoding Classes and Methods

 Character Set Encoding Maps

 Encoding Conversion Programs for Encoded Text Files

 Java Logging

 Socket Network Communication

 Datagram Network Communication

 DOM (Document Object Model) - API for XML Files

 SAX (Simple API for XML)

 DTD (Document Type Definition) - XML Validation

 XSD (XML Schema Definition) - XML Validation

 XSL (Extensible Stylesheet Language)

 Message Digest Algorithm Implementations in JDK

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Digital Signature Algorithm and Sample Program

 "keytool" Commands and "keystore" Files

 KeyStore and Certificate Classes

 Secret Key Generation and Management

 Cipher - Encryption and Decryption

The SSL (Secure Socket Layer) Protocol

 What Is SSL (Secure Socket Layer)?

SSL Specification Overview

 JSSE - Java Implementation of SSL and TLS

 SslSocketTest.java - Default SSL Socket Factory Test

 SslContextTest.java - javax.net.ssl.SSLContext Class Test

 Initializing SSLContext with PKCS12 File

 SSL Socket Communication Testing Programs

 SSL Client Authentication

 HTTPS (Hypertext Transfer Protocol Secure)

 Outdated Tutorials

 References

 Full Version in PDF/EPUB