2.2.10 SSL

SSL is a protocol that encapsulates another protocol. This means SSL is like an envelop that contains some content, possibly another envelop. SSL stands for Secure Socket Layer . The purpose of SSL is to allow authentication and encryption between two network interfaces.

In theory, SSL can encapsulate any protocol, including telnet, FTP and all the protocols mentioned in this chapter. In reality, however, SSL is mostly used to encapsulate HTTP (to become HTTPS). It is also used to encapsulate SMTP, NNTP, POP3 and IMAP.

Like SSH, SSL packets look like jibberish to bystanders due to encryption. Unlike SSH, SSL does not require a corresponding user account on the machine that listens to SSL requests. This makes SSL perfect for secure HTTP connections because HTTP connections do not require accounts on HTTP servers.