View Full Version : does SSL encrypt contents of page?
ashman
06-22-2004, 08:50 AM
I always thought SSL only encrypts the post-data submitted by a form (using the public key supplied by the server).
I just read a post about securing information using SSL (e.g. credit card info). Surely the HTML supplied by the server thru an SSL connection cannot be encrypted (since only the private key is used to decryt - and this remains secret on the server)?
bruce
06-23-2004, 03:11 AM
HTTPS connection basically encrypt ALL traffic to and from the web server (regardless of the protocol used, ie. POST or GET)
[b]quote:Originally posted by ashman
I always thought SSL only encrypts the post-data submitted by a form (using the public key supplied by the server).
I just read a post about securing information using SSL (e.g. credit card info). Surely the HTML supplied by the server thru an SSL connection cannot be encrypted (since only the private key is used to decryt - and this remains secret on the server)?
</blockquote id="quote"></font id="quote">
ashman
07-03-2004, 09:02 AM
ok, so how does the browser decrypt the data, since it does not have access to the private key, and only the private key can decrypt the data?
diltonm
07-04-2004, 10:50 AM
You can use a protocol analyzer and prove what is encrypted.
bruce
07-04-2004, 11:53 AM
all browsers are preinstalled with the root certificates.
if you are using IE, pop open tools -> internet options -> content tab, you'll see all the certs there.
[b]quote:Originally posted by ashman
ok, so how does the browser decrypt the data, since it does not have access to the private key, and only the private key can decrypt the data?
</blockquote id="quote"></font id="quote">
ashman
07-07-2004, 04:28 AM
[b]quote:Originally posted by bruce
all browsers are preinstalled with the root certificates.
</blockquote id="quote"></font id="quote">
cool, thanks that makes sense now.
vBulletin® ©Jelsoft Enterprises Ltd.