Content deleted Content added
Wutherings (talk | contribs) No edit summary |
Wutherings (talk | contribs) No edit summary |
||
Line 4:
Toward the goal of "secure network programming for the masses," the inventors of SNP conceived secure sockets as a high-level abstraction suitable for securing Internet applications. In 1993, they designed and built a prototype of SNP. Designed as an application sublayer on top of sockets, SNP provides a user interface closely resembling sockets. This resemblance was by design so that security could be retrofitted into existing socket programs with only minor modifications. Also, with such a sublayer carefully designed and its implementation thoroughly debugged, it can be easily used by any Internet application that uses sockets for end-to-end communications. This is a natural idea in hindsight but, in 1993, it was novel and a major departure from mainstream network security research at that time.
SNP's secure sockets support both stream and datagram semantics with security guarantees (i.e., data origin authenticity, data destination authenticity, data integrity, and data confidentiality.) Many of the ideas and design choices in SNP can be found in subsequent secure sockets layers, including: placing authenticated communication endpoints in the [[application layer]], use of [[public key cryptography]] for authentication, a handshake protocol for establishing session state including a shared secret, use of [[symmetric key cryptography]] for data confidentiality, and managing contexts and credentials in the secure sockets layer.
| |||