Authentication
Consider the following interactions between a client and a server, which are typical of both SSL-enabled applications (although hidden from view) and the custom applications built using X.509 technology:

- The client opens a connection to the server and asks the server to authenticate itself.
- The server authenticates itself and, optionally, asks the client to authenticate itself. Client authentication, while possible with SSL, is seldom used in most SSL transactions; however, for enterprise applications in which auditing of all transactions is important, client authentication provides the only way to determine for sure that the client's claimed identity is legitimate.
- The client authenticates itself. If the client desires an encrypted connection, it takes steps to establish one. Server authentication and client authentication essentially mirror each other.
- The client begins the transaction.
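
The following Python code is an added example, not part of the original page: it configures both sides of the exchange above with the standard `ssl` module, contrasting server-only with mutual authentication and showing how a server reads the verified client identity for audit logging. The function names, file-path parameters and the sample certificate dictionary are assumptions constructed for illustration.

```python
import ssl

def server_context(require_client_cert, cert=None, key=None, client_ca=None):
    """Server policy. cert, key and client_ca are PEM file paths (assumed)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)   # verify_mode starts at CERT_NONE
    if cert:
        ctx.load_cert_chain(cert, key)              # step 2: server proves its identity
    if require_client_cert:
        ctx.verify_mode = ssl.CERT_REQUIRED         # step 2: ask the client to authenticate
        if client_ca:
            ctx.load_verify_locations(client_ca)    # CA trusted to issue client certs
    return ctx

def client_context(server_ca=None, cert=None, key=None):
    """Client policy: always verify the server; optionally present a certificate."""
    ctx = ssl.create_default_context(cafile=server_ca)  # CERT_REQUIRED + hostname check
    if cert:
        ctx.load_cert_chain(cert, key)              # step 3: client proves its identity
    return ctx

def audit_identity(peercert):
    """Subject commonName from an SSLSocket.getpeercert() dict, or None."""
    for rdn in (peercert or {}).get("subject", ()):
        for name, value in rdn:
            if name == "commonName":
                return value
    return None

def accept_and_identify(ctx, conn):
    """Run the server side of the handshake on an accepted socket."""
    tls = ctx.wrap_socket(conn, server_side=True)   # raises ssl.SSLError on failed auth
    return tls, audit_identity(tls.getpeercert())   # identity is None without a client cert

# Constructed sample of what getpeercert() returns for a verified client certificate.
SAMPLE_PEERCERT = {
    "subject": ((("organizationName", "Example Corp"),),
                (("commonName", "alice.example.internal"),)),
    "issuer": ((("commonName", "Example Internal CA"),),),
}

if __name__ == "__main__":
    print(server_context(False).verify_mode, server_context(True).verify_mode)
    print(audit_identity(SAMPLE_PEERCERT))
```

With `require_client_cert=False` the server never learns a verified client identity, so an audit trail can only record what the application layer claims.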