ON INTERNET SECURITY
- SSLREF
- Netscape SSLRef is a reference implementation of the Secure Sockets Layer protocol intended to aid and accelerate developers' efforts to provide advanced security within TCP/IP applications that use SSL. SSLRef consists of a library, distributed in ANSI C source-code form, that can be compiled on a wide variety of platforms and operating systems and linked into an application program. It's free for noncommercial use and available now.
- OPEN STANDARDS
- Netscape remains fundamentally committed to supporting open standards in the development of commercial Internet applications. As discussions on these important topics continue, we will periodically publish papers to answer any questions our users might have.
- What's security for?
- The security features built into Netscape Navigator and the Netscape
Commerce Server protect your Internet communications with:
- Server authentication (thwarting impostors)
- Privacy using encryption (thwarting eavesdroppers)
- Data integrity (thwarting vandals)
Read on to find out:
- Where can I learn about security?
- Can I safely transmit personal information such as credit card numbers?
- How does Netscape's security technology protect me?
- To what degree can SSL security protect me?
- How can I tell when security is in effect?
- What does the Document Information dialog box tell me?
- Are certificates required and where do you get one?
- Can one certificate be used on multiple servers?
- Do security features impose any limitations on the ability to access sites?
- Where can I learn about security?
The Internet security technology developed by Netscape Communications
to ensure private and authenticated communications (called SSL, short
for Secure Sockets Layer protocol) is an open platform put into the
public domain for the Internet community. Netscape Navigator and the
Netscape Commerce Server are the first products to offer this
nonproprietary technology.
- Netscape Navigator Handbook
- Look under "Security" in the handbook index to learn about the
need for security on the Internet and how to recognize the security
features built into Netscape Navigator.
- Netscape Data Security
- This technical document provides an overview of security
implementation and plans from Netscape Communications. You'll find a
summary of SSL and details on how Netscape Navigator and Netscape Commerce
Server use SSL.
- Using RSA Public Key Cryptography
- This technical tutorial illustrates the basic tenets employed by
Netscape's security technology, including public and private keys,
message digests, digital signatures, and certificates. You can also
obtain general security information
and Netscape Server product security
information directly from RSA Data Security, Inc.
- The SSL Protocol
- This comprehensive, highly technical document is the specification
for the Secure Sockets Layer protocol. Appendices include a glossary
and a description of potential security attacks.
- Can I safely transmit personal information such as credit card numbers?
You can enter your credit card number on a secure (https)
Netscape Navigator form and transmit the form over the Internet to a
secure Netscape Commerce Server without risk of an intermediary
obtaining your credit card information. The security features offered
by Netscape Communications technology protect commercial
transactions, as well as all other communications, from
misappropriation and fraud that could otherwise occur as information
passes through Internet computers.
Secure communication does not eliminate all of an Internet user's
concerns. For example, you must be willing to trust the server
administrator with your credit card number before you enter into a
commercial transaction. Security technology secures the routes of
Internet communication; security technology does not protect you from
disreputable or careless people with whom you might choose to do
business.
The situation is analogous to telling someone your credit card number
over the telephone. You may be secure in knowing that no one has
overheard your conversation (privacy) and that the person on the line
works for the company you wish to buy from (authentication), but you
must also be willing to trust the person and the company.
Server administrators must take additional precautions to prevent
security breaches. To protect your information, they must maintain
physical security of their server computers and control access to
software passwords and private keys.
- How does Netscape's security technology protect me?
The security features built into Netscape Navigator and Netscape
Commerce Server protect your Internet communications with:
- Server authentication (thwarting impostors)
- Privacy using encryption (thwarting eavesdroppers)
- Data integrity (thwarting vandals)
Without thorough security, information transmitted over the Internet
is susceptible to fraud and other misuse by intermediaries.
Information traveling between your computer and a server uses a
routing process that can extend over many computer systems. Any one
of these computer systems represents an intermediary with the
potential to access the flow of information between your computer and
a trusted server. You need security to make sure that intermediaries
cannot deceive you, eavesdrop on you, copy from you, or damage your
communications. The Internet does not provide built-in security.
The SSL protocol delivers server authentication, data encryption, and message integrity. SSL is layered beneath application protocols such
as HTTP, Telnet, FTP, Gopher, and NNTP, and layered above the
connection protocol TCP/IP. This strategy allows SSL to operate
independently of the Internet application protocols. With SSL
implemented on both the client and server, your Internet
communications are transmitted in encrypted form, ensuring privacy.
- To what degree can SSL security protect me?
With Netscape's security technology, information you send can be
trusted to arrive privately and unaltered to the server you specify
(and no other). To evaluate the strategic and quantitative
implications of the SSL implementation of certification and public
key technology, consult The SSL Protocol
specification.
SSL uses authentication and encryption technology developed by RSA
Data Security Inc. For example, Netscape Navigator's export
implementation of SSL (U.S. government approved) uses a 40-bit key
size for the RC4 stream encryption algorithm. The encryption
established between you and a server remains valid over multiple
connections, yet the effort expended to defeat the encryption of one
message cannot be leveraged to defeat the next message.
A message encrypted with 40-bit RC4 takes on average 64 MIPS-years to break (a 64-MIPS computer needs a year of dedicated processor time to
break the message's encryption). The 128-bit U.S. domestic version
provides exponentially greater protection. The effort required to
break any given exchange of information is a formidable deterrent.
Server authentication uses RSA public key cryptography in conjunction
with ISO X.509 digital certificates.
Netscape Navigator and Netscape Commerce Server deliver server
authentication using signed digital certificates issued by trusted
third parties known as certificate authorities. A digital certificate
verifies the connection between a server's public key and the
server's identification (just as a driver's license verifies the
connection between your photograph and your personal identification).
Cryptographic checks, using digital signatures, ensure that
information within a certificate can be trusted.
- How can I tell when security is in effect?
Netscape Navigator identifies secure documents in several ways. You
can tell whether a document comes from a secure server by looking at
the location (URL) field. If the URL begins with https://
(instead of http://), the document comes from a secure server.
You need to use https:// for HTTP URLs with SSL and
http:// for HTTP URLs without SSL.
You can also verify the security of a document by examining the
security icon in the bottom-left corner of the Netscape Navigator
window and the colorbar across the top of the content area. The icon
consists of a doorkey on a blue background to show secure documents
and a broken doorkey on a gray background to show insecure documents.
The colorbar across the top of the content area is blue for secure
and gray for insecure.
A mixed document containing secure and insecure information is
displayed as secure with insecure information replaced by a mixed
security icon. Some servers may permit you to access documents
insecurely (using http://), which lets you view mixed
documents without icon substitution.
More detailed security information can be found by choosing the
File/Document Information menu item. Several configurable
notification dialog boxes inform you when you are entering or leaving
a secure space, viewing a secure document that contains insecure
information, and using an insecure submission process. You'll always
be warned if a secure URL is redirected to an insecure location, or
if you're submitting via a secure form using an insecure submission
process.
- What does the Document Information dialog box tell me?
Choosing the File/Document Information menu item produces a
dialog box with a document's title, location (URL), date of last
modification, character set encoding, and the security status of a
document. Secure documents specify the type of encryption protecting
the document and the version, serial number, issuer, and server
subject of the certificate backing the document.
- Encryption Key
- States the type of public key supported. For example, the
high-grade encryption key for U.S. domestic use only (RC4, 128-bit)
refers to the 128-bit key size for the RC4 stream encryption
algorithm.
- Subject (server id)
- The certification request process requires that each server
administrator supply an e-mail address and certain identifying
information. Identifying information may include:
- Country (C): two-character country code
- State or Province (ST): unabbreviated state/province name
- Organization (O): legal, registered organization name
- Organizational Unit (OU): optional department name
- Locality (L): city the organization resides or is registered in
- Common Name (CN): the server's fully qualified host name (such as:
hostname.netscape.com)
- Issuer (certifier id)
- Identifies the certificate authority responsible for issuing the
certification. Identifying information is presented
using the same abbreviations as those used to identify the server (C
for country, and so on).
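The subject fields listed above can be checked mechanically before a certificate request is submitted. The following is an added example, not code from Netscape or RSA; treating every field except OU as required, the two-letter heuristic for an abbreviated state, and the sample names are assumptions made for illustration.

```python
import re

# Abbreviations from the list above. Assumption: only OU is optional.
REQUIRED = ("C", "ST", "L", "O", "CN")
# One DNS label: letters, digits, inner hyphens, at most 63 characters.
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def parse_dn(dn):
    """Split a comma-separated subject string into a dict of attributes."""
    fields = {}
    # Split only on commas that are not escaped with a backslash, so an
    # organization name such as "Example Widgets, Inc." survives intact.
    for part in re.split(r"(?<!\\),", dn):
        key, sep, value = part.strip().partition("=")
        if not sep:
            raise ValueError(f"not an attribute=value pair: {part!r}")
        fields[key.strip().upper()] = value.strip().replace("\\,", ",")
    return fields


def check_subject(dn):
    """Return a list of problems; an empty list means the subject passes."""
    fields = parse_dn(dn)
    problems = [f"missing {k}" for k in REQUIRED if not fields.get(k)]
    country = fields.get("C", "")
    if country and not re.fullmatch(r"[A-Za-z]{2}", country):
        problems.append("C must be a two-character country code")
    state = fields.get("ST", "")
    if state and len(state) <= 2:  # heuristic: looks like an abbreviation
        problems.append("ST must be the unabbreviated state/province name")
    cn = fields.get("CN", "")
    labels = cn.split(".")
    if cn and (len(labels) < 2 or not all(LABEL.match(l) for l in labels)):
        problems.append("CN must be a fully qualified host name")
    return problems


# Constructed sample subjects (not taken from any real certificate).
GOOD = (r"C=US, ST=California, L=Mountain View, "
        r"O=Example Widgets\, Inc., OU=Web Sales, CN=www.example.com")
BAD = "C=USA, ST=CA, O=Example Widgets, CN=www"

if __name__ == "__main__":
    print(check_subject(GOOD))
    print(check_subject(BAD))
```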
- Are certificates required and where do you get one?
To operate using security features, Netscape Commerce Server
requires a digitally signed certificate. Without a certificate, the
server can only operate insecurely. If you are a server administrator
and want to obtain a signed certificate, you need to submit a
certificate request to a certificate authority, a third-party
organization that issues certificates, and pay an associated service
fee.
Netscape Communications has engaged RSA Certificate Services, a
division of RSA Data Security, Inc., to issue certificates to Netscape
Server product customers and will engage other certificate authorities
over time.
The process to obtain a certificate is explained in the Netscape
Commerce Server manual. During the certificate request process, your
server software generates a public key/private key pair and you
choose a distinguished name. On-line forms guide you through the
process of submitting the form to RSA.
RSA verifies the authenticity of each certificate request (making sure
requesters are who they claim to be). The approval process helps
protect you, your organization, and the certificate authority. Upon
approval, RSA digitally signs the request and returns the unique
digitally signed certificate to you through e-mail. You can then
install the signed, valid certificate and enable security. You'll
need to establish adequate precautions to maintain the integrity of
the signed certificate and your private key.
- Can one certificate be used on multiple servers?
Technically, one certificate can be used on multiple servers; however,
risks are involved that would discourage this choice in many
circumstances. If the same certificate is used on multiple servers,
any compromise of one server's public key and private key pair
endangers information on the other servers.
(Certificates are protected by public and private key pairs linked by
a powerful cryptographic algorithm. These keys have the ability to
encrypt and decrypt information. No one else's keys can decipher
messages to you encrypted with your public key. And no one else's
keys can be used to pose as you by sending messages encrypted with
your private key.)
Similar risks would be incurred if you were to choose to secure your
house, office, car, safety deposit box, and bike with the same key.
You would only have to carry around a single key, but you would not
have the flexibility to provide access to one item without providing
access to all items. If security was compromised for one item, it
would also be compromised for other items.
Multiple servers that are running on the same piece of hardware can
technically use the same certificate. However, as your software
installations expand, the need for different levels of security and
individual keys increases. The security requirements for information
served at remote locations or on separate hardware are best satisfied
by unique certificates.
- Do security features impose any limitations on the ability to access sites?
The security protocol works as an adjunct to other protocols without
limiting access capabilities. You can use Netscape Navigator to bring
up either secure or insecure documents. Nor does security limit
Netscape's Usenet news or electronic mail abilities.
If a document that is otherwise secure contains information that is
insecure, the insecure information is replaced by a mixed security
icon. However, a server may permit you to bypass this security
feature by accessing the mixed security document through the insecure
http protocol instead of the secure https protocol. The
security aspects of SSL protect you from insecure transmissions, but
do not limit your ability to receive insecure transmissions.
On-line forms can be secure if the submit action is an https://
URL to a secure server. Netscape Navigator uses dialog boxes to
inform you about the security status of the submission process when you
submit a form.
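The two checks described above, insecure content embedded in a secure document and a form whose submit action is not an https:// URL, can be reproduced when auditing a page. This is an added example, not Netscape Navigator's code; the tag list, the sample URLs and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose src attribute makes the browser fetch an embedded resource.
EMBED_TAGS = {"img", "script", "iframe", "embed"}


class SecurityAudit(HTMLParser):
    """Collect insecure embedded resources and insecure form targets."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.insecure_embeds = []  # shown as the mixed security icon
        self.insecure_forms = []   # would raise the submission warning

    def _resolve(self, ref):
        # Relative references inherit the scheme and host of the page.
        return urljoin(self.page_url, ref)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            # A form without an action submits back to the page URL.
            target = self._resolve(attrs.get("action") or self.page_url)
            if urlsplit(target).scheme.lower() != "https":
                self.insecure_forms.append(target)
        elif tag in EMBED_TAGS and attrs.get("src"):
            target = self._resolve(attrs["src"])
            if urlsplit(target).scheme.lower() != "https":
                self.insecure_embeds.append(target)


def audit(page_url, html):
    """Return (insecure_embeds, insecure_forms) for one document."""
    parser = SecurityAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.insecure_embeds, parser.insecure_forms


# Constructed sample: a secure page with one insecure image and one
# form that posts to an http:// URL.
SAMPLE_URL = "https://shop.example.com/checkout/pay.html"
SAMPLE_HTML = """
<html><body>
<img src="/images/logo.gif">
<img src="http://ads.example.net/banner.gif">
<form action="confirm.cgi" method="post"><input name="card"></form>
<form action="http://shop.example.com/cgi-bin/order" method="post"></form>
</body></html>
"""

if __name__ == "__main__":
    print(audit(SAMPLE_URL, SAMPLE_HTML))
```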
You can save a secure document (though secure documents are not cached
to disk among sessions). You can also view the HTML source of a
secure document. Security affects the transmission of a document
without affecting your ability to manipulate the document.
Copyright © 1996 Netscape Communications Corporation