|
|
|
Transport Layer Security (rfc2246) |
|
|
Similar to Netscape's Secure Sockets Layer (SSL) |
|
|
|
Relies on Public Key Infrastructure (PKI) |
|
|
|
Asymmetrical security not great for multilateral B2B |
|
|
|
Service encrypts and decrypts with private key |
|
|
|
Client decrypts and decrypts with public key |
|
|
|
Use PKI to exchange 3-DES or Rijndael keys for symmetric encryption |
|
|
|
Poor client authentication |
