At what level does SLL encryption occur
Greetings everyone.
I am trying to determine where encryption/decryption occurs on an SSL socket. Is it within the application process itself or somewhere in the IP stack in kernel? If it happens in the IP stack in kernel, is there a risk that a packet filter sitting in the
IP stack would be able to make a recording of the packets before they get encrypted. Just wondering.
cheers, Abbey
March 11th, 2011 8:24pm
SSL lives on the presentation layer (layer 6) of the OSI model; encryption/decryption occurs here.
Regards,
Jason
March 18th, 2011 2:47am
SSL lives on the presentation layer (layer 6) of the OSI model; encryption/decryption occurs here.
Regards,
Jason
I thank you for you response, but unfortunately, knowing that encryption occurs at layer 6 does not help me understand whether layer 6 is a component that is implement within the process space of an application process or outside the process space of an
application process.
cheers, Abbey
Free Windows Admin Tool Kit Click here and download it now
March 22nd, 2011 8:10pm
Sorry Abbey,
Layer 6 of the OSI model is integrated into the Application layer of the TCP/IP model and so SSL encryption occurs within applications themselves.
You're able to confirm this by running a packet capture using Microsoft Network Monitor or WireShark; even at a device driver level you're not able to see what is is an SSL encrypted segment.
Regards,
Jason
March 23rd, 2011 6:49am