Overview of the Secure Sockets Package
Introduction
The Secure Sockets package implements the SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocols for secure communications over a network. Most secure electronic commerce sites are secured with the SSL/TLS protocols, and all major Web browsers and servers support the SSL/TLS protocols (see
Appendix B,
SSL and TLS Essentials, Stephen Thomas).
SSL runs on top of standard TCP/IP sockets. SSL was originally developed by Netscape Communications Corporation in 1994. Shortly after Netscape released SSL version 3.0, development of the SSL standard became the responsibility of the Internet Engineering Task Force (IETF), an international standards organization that certifies and maintains many Internet standards, including the TCP and IP protocols. The IETF made minor changes to SSL 3.0 and changed its name to Transport Layer Security (TLS) to promote vendor neutrality. In 1999 the IETF released the TLS 1.0 protocol specification to the public.
NOTE: This document refers to both TLS and SSL as "SSL/TLS."