SSL Acceleration .info

Saturday, 31-Jul-2010 14:11:56 GMT

The history of SSL

From wikipedia.org:

Early research efforts toward transport layer security included the Secure Network Programming (SNP) API, which in 1993 explored the approach of having a secure transport layer API closely resembling sockets, to facilitate retrofitting preexisting network applications with security measures. The SNP project received the 2004 ACM Software System Award.

The SSL protocol was originally developed by Netscape. Version 1.0 was never publicly released; version 2.0 was released in 1994 but "contained a number of security flaws which ultimately led to the design of SSL version 3.0", which was released in 1996 (Rescorla 2001). This later served as the basis for TLS version 1.0, an Internet Engineering Task Force (IETF) standard protocol first defined in RFC 2246 in January 1999. Visa, MasterCard, American Express and many leading financial institutions have endorsed SSL for commerce over the Internet.


The history of SSL acceleration and e-Commerce performance

A (somewhat outdated) paper on the pitfalls of high performance SSL with some proposals from ApacheCon 2000 Florida: apachecon2000.pdf

Info on SSL accelerator cards (also outdated): http://www.kegel.com/ssl/hw.html

An often-cited article is this www.windowssecurity.com article. It doesn't take a genius to figure out that if you use an SSL terminator (see HARDWARE - ROUTERS/REVERSE PROXIES/TERMINATORS), the traffic from the terminator to the web server is unencrypted, and you should design your solution so that this does not leave you vulnerable. By the same token, that very network might already carry plain-text database connections over the same Ethernet cables, in which case the plain-text HTTP traffic makes the security no worse.