
Authentication, Support for SSL – Allied Telesis AT-S60 User Manual


AT-S60 Management Software User’s Guide

Section III: Security Features


The Alert message is used if the client or server detects an error. Alert
messages also inform the other end that the session is about to close. In
addition, the Alert message contains a severity rating and a description
of the alert. For example, an alert message is sent if either party receives
an invalid certificate or an unexpected message.

The Application data message encapsulates the encrypted application
data.
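The Alert and Application data messages described above travel in SSLv3/TLSv1 records with a 5-byte header, and an alert body is two bytes: the severity level and the description. The following parser is an added example, not part of the Allied Telesis manual; the level and description codes are taken from RFC 2246, and the sample bytes are constructed for illustration.

```python
import struct

# Alert levels and a subset of descriptions from RFC 2246 (TLSv1), section 7.2.
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    40: "handshake_failure", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca",
    70: "protocol_version",
}
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake",
                 23: "application_data"}
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1"}


def parse_records(stream: bytes):
    """Split a byte stream into SSLv3/TLSv1 records and decode unprotected alerts."""
    out, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, pos)
        body = stream[pos + 5 : pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        rec = {"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
               "version": VERSIONS.get((major, minor), f"{major}.{minor}"),
               "length": length}
        if ctype == 21 and length == 2:
            # A bare 2-byte body is an unprotected alert: level, then description.
            rec["level"] = LEVELS.get(body[0], f"unknown({body[0]})")
            rec["description"] = DESCRIPTIONS.get(body[1], f"unknown({body[1]})")
        elif ctype == 21:
            # Longer bodies carry a MAC and are normally encrypted; not decodable here.
            rec["level"] = rec["description"] = "protected"
        out.append(rec)
        pos += 5 + length
    return out


# Constructed sample: a fatal bad_certificate alert, 16 bytes standing in for
# encrypted application data, then a warning close_notify before the session closes.
SAMPLE = (bytes.fromhex("15 03 01 00 02 02 2a")
          + bytes.fromhex("17 03 01 00 10") + bytes(16)
          + bytes.fromhex("15 03 01 00 02 01 00"))

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```

In a packet capture, a fatal `bad_certificate` or `unknown_ca` alert during the handshake points at a certificate trust problem rather than a network fault.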

Authentication

Authentication is the process of ensuring that both the web site and the
end user are genuine. In other words, they are not imposters. Both the
server and individual users need to be authenticated. This is especially
important when transmitting secure data over the Internet.

To verify the authenticity of a server, the server has a public and private
key. The public key is given to the user.

SSL uses certificates for authentication. A certificate binds a public key to
a server name. A Certification Authority issues certificates after checking
that a public key belongs to its claimed owner. There are several
agencies that are trusted to issue certificates. Individual browsers have
approved Root CAs that are built in to the browser.

Note

See Public Key Infrastructure Overview on page 358 for detailed
information about certificates.

Support for SSL

The AT-8400 switch implements the following versions of SSL:

❑ Mandatory parts of RFC 2246 (TLSv1), except for DSS encryption

❑ Mandatory parts of SSLv3

❑ SSLv2 client hello

❑ SHA1 for MAC