does SSL encrypt contents of page?

Discussion in 'ASP.NET / ASP.NET Core' started by ashman, Jun 22, 2004.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. ashman

    ashman

    I always thought SSL only encrypts the post-data submitted by a form (using the public key supplied by the server).

    I just read a post about securing information using SSL (e.g. credit card info). Surely the HTML supplied by the server thru an SSL connection cannot be encrypted (since only the private key is used to decryt - and this remains secret on the server)?
     
    ashman, Jun 22, 2004
    #1
  2. Bruce

    Bruce DiscountASP.NET Staff

    HTTPS connection basically encrypt ALL traffic to and from the web server (regardless of the protocol used, ie. POST or GET)

    quote:Originally posted by ashman

    I always thought SSL only encrypts the post-data submitted by a form (using the public key supplied by the server).

    I just read a post about securing information using SSL (e.g. credit card info). Surely the HTML supplied by the server thru an SSL connection cannot be encrypted (since only the private key is used to decryt - and this remains secret on the server)?
    </blockquote id="quote"></font id="quote">
     
    Bruce, Jun 23, 2004
    #2
  3. ashman

    ashman

    ok, so how does the browser decrypt the data, since it does not have access to the private key, and only the private key can decrypt the data?
     
    ashman, Jul 3, 2004
    #3
  4. diltonm

    diltonm

    You can use a protocol analyzer and prove what is encrypted.
     
    diltonm, Jul 4, 2004
    #4
  5. Bruce

    Bruce DiscountASP.NET Staff

    all browsers are preinstalled with the root certificates.

    if you are using IE, pop open tools -> internet options -> content tab, you'll see all the certs there.


    quote:Originally posted by ashman

    ok, so how does the browser decrypt the data, since it does not have access to the private key, and only the private key can decrypt the data?
    </blockquote id="quote"></font id="quote">
     
    Bruce, Jul 4, 2004
    #5
  6. ashman

    ashman

    quote:Originally posted by bruce

    all browsers are preinstalled with the root certificates.
    </blockquote id="quote"></font id="quote">

    cool, thanks that makes sense now.
     
    ashman, Jul 7, 2004
    #6
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page