What is SSL?
SSL is an industry-standard protocol that provides X.509 certificate-based authentication and encryption for unsecured connections. Personal Communications supports client and server-side certificate-issuer authentication and encryption of emulation sessions in compliance with the SSLv3 standard. Server-side certificate-issuer authentication means that the target server presents its X.509 certificate, and the Personal Communications client inspects it for certificate-issuer authenticity before initiating an encrypted session.
SSL client authentication allows a server to confirm a user's identity. Using the same techniques as those used for server authentication, SSL-enabled server software can check that a client's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the server's list of trusted CAs. This confirmation might be important if the server, for example, is a bank sending confidential financial information to a customer; in that case it is important to check the recipient's identity.
Privacy and integrity are mediated by X.509 certificates, which act as electronic ID cards. Usually these are issued by external Certificate Authorities (CAs), whose business is issuing Internet certificates. Some of these CAs are widely trusted because of their vetting protocols and performance records. That is, those CAs are thorough in verifying the identity of a certificate requester before issuing a commercial-use certificate. Also, the operations of the CAs are secure enough to prevent theft of encryption keys and other materials that can be used to counterfeit their certificates.
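The issuer check described above can be reproduced with the OpenSSL command line. This is an added example, not part of the Personal Communications documentation; the CA names, host names and file names are constructed for illustration, and the certificates are throwaway ones generated on the spot.

```shell
#!/bin/sh
# Added example: certificate-issuer authentication against a list of trusted CAs.
# Every name below (trusted-ca, unknown-ca, host-*.example.test) is constructed.

WORK=$(mktemp -d)   # scratch directory for the throwaway keys and certificates

# make_ca NAME: create a self-signed CA certificate NAME.pem with key NAME.key
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_cert CA NAME: create a key and request for NAME, then have CA sign it
issue_cert() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$WORK/$2.csr" -days 1 \
        -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" -CAcreateserial \
        -out "$WORK/$2.pem" 2>/dev/null
}

# issuer_trusted TRUSTLIST CERT: succeed only if CERT was signed by a CA
# whose certificate is present in TRUSTLIST
issuer_trusted() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

make_ca trusted-ca
make_ca unknown-ca
issue_cert trusted-ca host-a.example.test
issue_cert unknown-ca host-b.example.test

# The list of trusted CAs is a file of CA certificates; only trusted-ca is in it.
cp "$WORK/trusted-ca.pem" "$WORK/trustlist.pem"

for host in host-a.example.test host-b.example.test; do
    if issuer_trusted "$WORK/trustlist.pem" "$WORK/$host.pem"; then
        echo "$host: issuer is in the trusted list, continue with the session"
    else
        echo "$host: issuer is not trusted, refuse the session"
    fi
done
```

`openssl verify` checks the signature chain and validity dates only; it does not compare the name in the certificate with the host being contacted.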