requested89
IS-IT--Management
Can anybody explain how SSL and HTTPS works in terms of the following example. I kind of understand how it works and how PKI works etc but if I give you the following example perhaps it will help:
I use a service whereby I send a credit card number over the internet using HTTPS. I will be doing this hundreds of times every day from a custom built VB.Net application. The thing I don't quite understand is how this information is encrypted on the journey FROM ME TO THE SERVICE.
I kind of know how PKI works but how do I, as a web user get the other persons Public Key? Is this sent to me when I initially begin the session?
For example when using a Internet Explorer and I navigate to the web page using the address does send me their Public Key?
If so, is this something which is handled by the browser? If it is I guess it is something that I have to handle from within my application?
What happens next? What controls the fact that all our transmissions need to be encrypted? Is it a session or something else?
How is the stuff that comes back from the remote server encrypted? How is it encrypted so that when the remote server send stuff back it is secure and yet I am able to decrypt it?
As you can probably see I am abit confused so any help is appreciated,
Thanks in advance,
Chris
I use a service whereby I send a credit card number over the internet using HTTPS. I will be doing this hundreds of times every day from a custom built VB.Net application. The thing I don't quite understand is how this information is encrypted on the journey FROM ME TO THE SERVICE.
I kind of know how PKI works but how do I, as a web user get the other persons Public Key? Is this sent to me when I initially begin the session?
For example when using a Internet Explorer and I navigate to the web page using the address does send me their Public Key?
If so, is this something which is handled by the browser? If it is I guess it is something that I have to handle from within my application?
What happens next? What controls the fact that all our transmissions need to be encrypted? Is it a session or something else?
How is the stuff that comes back from the remote server encrypted? How is it encrypted so that when the remote server send stuff back it is secure and yet I am able to decrypt it?
As you can probably see I am abit confused so any help is appreciated,
Thanks in advance,
Chris