
Secure Sockets Layer (SSL) is a cryptographic protocol which provides secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers.

SSL has a variety of security measures:

- The client uses the CA's public key to validate the CA's digital signature on the server certificate. If the digital signature can be verified, the client accepts the server certificate as a valid certificate issued by a trusted CA.
- The client verifies that the issuing Certificate Authority (CA) is on its list of trusted CAs.
- The client checks the server's certificate validity period. The authentication process stops if the current date and time fall outside of the validity period.
- To protect against man-in-the-middle attacks, the client compares the actual DNS name of the server to the DNS name on the certificate.
- Protection against several known attacks (including man-in-the-middle attacks), like those involving a downgrade of the protocol to a previous (less secure) version or a weaker cipher suite.
- Numbering all the records and using the sequence number in the MACs.
- Using a message digest enhanced with a key (so only a key-holder can check the MAC). This is specified in RFC 2104.
- The message that ends the handshake ("Finished") sends a hash of all the exchanged data seen by both parties.
- The pseudorandom function splits the input data in half and processes each one with a different hashing algorithm (MD5 and SHA), then XORs them together. This provides protection if one of these algorithms is found to be vulnerable.
- SSL v3 uses the SHA-1 hashing algorithm and supports certificates for authentication. SHA-1 is considered much safer than the previous MD5 used in SSL v2. Additional improvements in SSL v3 include better handshake protocol flow and increased resistance to man-in-the-middle attacks.

2007-03-27 19:32:07 · answer #1 · answered by cagin_computing 4 · 0 0
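
The record numbering and keyed MAC mentioned in the answer above, as an added example that is not part of the original answer: a receiver that checks an HMAC over an implicit sequence number rejects replayed, reordered, dropped and modified records. It assumes the TLS 1.0 record MAC layout from RFC 2246 with HMAC-SHA1; the names `record_mac`, `Sender`, `Receiver` and `run`, the key and the messages are constructed for illustration.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # TLS record content type
TLS_1_0 = (3, 1)        # protocol version bytes

def record_mac(key, seq, ctype, fragment, version=TLS_1_0):
    """HMAC-SHA1 over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq, ctype, version[0], version[1], len(fragment))
    return hmac.new(key, header + fragment, hashlib.sha1).digest()

class Sender:
    def __init__(self, key):
        self.key, self.seq = key, 0

    def protect(self, fragment, ctype=APPLICATION_DATA):
        mac = record_mac(self.key, self.seq, ctype, fragment)
        self.seq += 1   # implicit counter: it is MACed but never sent on the wire
        return (ctype, fragment, mac)

class Receiver:
    def __init__(self, key):
        self.key, self.seq, self.closed = key, 0, False

    def accept(self, record):
        ctype, fragment, mac = record
        expected = record_mac(self.key, self.seq, ctype, fragment)
        if self.closed or not hmac.compare_digest(mac, expected):
            self.closed = True   # a bad MAC is fatal; nothing later is accepted
            return False
        self.seq += 1
        return True

def run(records, key):
    """Feed records to a fresh receiver; return the accept/reject decisions."""
    rx = Receiver(key)
    return [rx.accept(r) for r in records]

def demo():
    key = b"constructed-demo-mac-key"   # constructed sample key
    tx = Sender(key)
    r0, r1, r2 = (tx.protect(m) for m in (b"pay 10", b"pay 20", b"pay 30"))
    return {
        "in_order":  run([r0, r1, r2], key),
        "replayed":  run([r0, r0], key),
        "reordered": run([r1, r0], key),
        "dropped":   run([r0, r2], key),
        "tampered":  run([(r0[0], b"pay 99", r0[2])], key),
        "wrong_key": run([r0], b"some-other-key"),
    }

if __name__ == "__main__":
    for case, decisions in demo().items():
        print(case, decisions)
```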

fedest.com, questions and answers