Description

This article is from the Secure Sockets Layer Discussion List FAQ, by Shannon Appel SAppel@consensus.com with numerous contributions by others.

4.1) Does SSL protect users from replay attack by eavesdroppers or message interceptors?

Yes. The client and the server each provide part of the random data
used to generate the keys for a connection. (The random portions of
the connection that initiate a session, drawn from both the client
and the server, are used to generate the master secret associated
with that session.) Additionally, each record is protected with a
MAC (Message Authentication Code) that contains a sequence number for
the message.

Continue to:

prev: 3.5) Do you have any information on sftp?
Index
next: 4.2) Isn't encrypt-only SSL open to "man-in-the-middle" attacks?

Share and Enjoy

Bookmark this story so others can enjoy it:


	stason.org

	Articles
	Development
	Books
	Teaching
	Photography
	Bits and Pieces
	TULARC
	Contact Us
	Site Map


	Favorites

	Free Online Books
	Meta Religion
	Travel Blogs
	StasoSphere
	Healing Info
	Article Collection
	Practical mod_perl
	mod_perl2 Book
	MailChannels

		Articles / TULARC / Security / SSL Discussion List /







		4.1) Does SSL protect users from replay attack by eavesdroppers or message interceptors?


	Search

4.1) Does SSL protect users from replay attack by eavesdroppers or message interceptors?

Description

4.1) Does SSL protect users from replay attack by eavesdroppers or message interceptors?

Share and Enjoy

Tags