<html>
<head>
<title>mod_ssl: Glossary</title>

<!--
  Copyright (c) 1998-2001 Ralf S. Engelschall. All rights reserved.

  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions
  are met:

  1. Redistributions of source code must retain the above
     copyright notice, this list of conditions and the following
     disclaimer.

  2. Redistributions in binary form must reproduce the above
     copyright notice, this list of conditions and the following
     disclaimer in the documentation and/or other materials
     provided with the distribution.

  3. All advertising materials mentioning features or use of this
     software must display the following acknowledgment:
     "This product includes software developed by
      Ralf S. Engelschall <rse@engelschall.com> for use in the
      mod_ssl project (http://www.modssl.org/)."

  4. The name "mod_ssl" must not be used to endorse or promote
     products derived from this software without prior written
     permission.

  5. Redistributions of any form whatsoever must retain the
     following acknowledgment:
     "This product includes software developed by
      Ralf S. Engelschall <rse@engelschall.com> for use in the
      mod_ssl project (http://www.modssl.org/)."

  THIS SOFTWARE IS PROVIDED BY RALF S. ENGELSCHALL ``AS IS'' AND ANY
  EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RALF S. ENGELSCHALL OR
  HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<style type="text/css"><!--
A:link {
    text-decoration: none;
    color: #6666cc;
}
A:active {
    text-decoration: none;
    color: #6666cc;
}
A:visited {
    text-decoration: none;
    color: #6666cc;
}
#sf {
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
H1 {
    font-weight: bold;
    font-size: 24pt;
    line-height: 24pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
H2 {
    font-weight: bold;
    font-size: 18pt;
    line-height: 18pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
H3 {
    font-weight: bold;
    font-size: 14pt;
    line-height: 14pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
H4 {
    font-weight: bold;
    font-size: 12pt;
    line-height: 12pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
#H {
}
#D {
    background-color: #f0f0f0;
}
#faq {
    font-weight: bold;
    font-size: 16pt;
    line-height: 16pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
#howto {
    font-weight: bold;
    font-size: 16pt;
    line-height: 16pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
#term {
    font-weight: bold;
    font-size: 16pt;
    line-height: 16pt;
    font-family: arial,helvetica;
    font-variant: normal;
    font-style: normal;
}
--></style>
<script type="text/javascript" language="JavaScript">
<!-- Hiding the code
function ro_imgNormal(imgName) {
    if (document.images) {
        document[imgName].src = eval(imgName + '_n.src');
        self.status = '';
    }
}
function ro_imgOver(imgName, descript) {
    if (document.images) {
        document[imgName].src = eval(imgName + '_o.src');
        self.status = descript;
    }
}
// done hiding -->
</script>
<script type="text/javascript" language="JavaScript">
<!-- Hiding the code
if (document.images) {
    ro_img_prev_top_n = new Image();
    ro_img_prev_top_n.src = 'ssl_template.navbut-prev-n.gif';
    ro_img_prev_top_o = new Image();
    ro_img_prev_top_o.src = 'ssl_template.navbut-prev-s.gif';
}
// done hiding -->
</script>
<script type="text/javascript" language="JavaScript">
<!-- Hiding the code
if (document.images) {
    ro_img_prev_bot_n = new Image();
    ro_img_prev_bot_n.src = 'ssl_template.navbut-prev-n.gif';
    ro_img_prev_bot_o = new Image();
    ro_img_prev_bot_o.src = 'ssl_template.navbut-prev-s.gif';
}
// done hiding -->
</script>
</head>
<body bgcolor="#ffffff" text="#000000" link="#333399" alink="#9999ff" vlink="#000066">
<div align="center">
<table width="600" cellspacing="0" cellpadding="0" border="0" summary="">
<tr>
  <td>
  <img src="ssl_template.imgdot-1x1-transp.gif" alt="" width="600" height="1" align="bottom" border="0"><br>
  <table width="600" cellspacing="0" cellpadding="0" summary="">
    <tr>
      <td>
        <table width="600" summary="">
          <tr>
            <td align="left" valign="bottom">
              <font face="Arial,Helvetica" size="+2"><b>mod_ssl</b></font>
            </td>
            <td align="right">
              <img src="ssl_template.head-chapter.gif" alt="Chapter" width="175" height="94"> <img src="ssl_template.head-num-7.gif" alt="7" width="74" height="89">
            </td>
          </tr>
        </table>
      </td>
    </tr>
    <tr>
      <td><img src="ssl_template.imgdot-1x1-000000.gif" alt="" width="600" height="2" align="bottom" border="0"></td>
    </tr>
    <tr>
      <td>
        <table width="600" border="0" summary="">
          <tr>
            <td valign="top" align="left" width="250">
<a href="ssl_faq.html" onmouseover="ro_imgOver('ro_img_prev_top', 'previous page'); return true" onmouseout="ro_imgNormal('ro_img_prev_top'); return true" onfocus="ro_imgOver('ro_img_prev_top', 'previous page'); return true" onblur="ro_imgNormal('ro_img_prev_top'); return true"><img name="ro_img_prev_top" src="ssl_template.navbut-prev-n.gif" alt="previous page" width="70" height="18" border="0"></a><br><font color="#000000">F.A.Q. List</font>
            </td>
            <td valign="top" align="right" width="250">
            </td>
          </tr>
        </table>
      </td>
    </tr>
    <tr>
      <td>
        <br>
        <img src="ssl_template.title-gloss.gif" alt="Glossary" width="456" height="60">
      </td>
    </tr>
  </table>
<div align="right">
<table cellspacing="0" cellpadding="0" width="300" summary="">
<tr>
<td>
<em>
``I know you believe you understand what you think I said, but I am not sure you
realize that what you heard is not what I meant.''
</em>
</td>
</tr>
<tr>
<td align="right">
<font size="-1">
Richard Nixon
</font>
</td>
</tr>
</table>
</div>
<dl>
<dt><div id="term">Authentication</div>
<dd>The positive identification of a network entity such as a server, a
    client, or a user. In SSL context the server and client
    <em>Certificate</em> verification process.
<p>
<dt><div id="term">Access Control</div>
<dd>The restriction of access to network realms. In Apache context
    usually the restriction of access to certain <em>URLs</em>.
<p>
<dt><div id="term">Algorithm</div>
<dd>An unambiguous formula or set of rules for solving a problem in a finite
    number of steps. Algorithms for encryption are usually called <em>Ciphers</em>.
<p>
<dt><div id="term">Certificate</div>
<dd>A data record used for authenticating network entities such
    as a server or a client. A certificate contains X.509 information pieces
    about its owner (called the subject) and the signing <em>Certification
    Authority</em> (called the issuer), plus the owner's public key and the
    signature made by the CA. Network entities verify these signatures using
    CA certificates.
<p>
<dt><div id="term">Certification Authority (CA)</div>
<dd>A trusted third party whose purpose is to sign certificates for network
    entities it has authenticated using secure means. Other network entities
    can check the signature to verify that a CA has authenticated the bearer
    of a certificate.
<p>
<dt><div id="term">Certificate Signing Request (CSR)</div>
<dd>An unsigned certificate for submission to a <em>Certification Authority</em>,
    which signs it with the <em>Private Key</em> of its CA <em>Certificate</em>. Once
    the CSR is signed, it becomes a real certificate.
<p>
<dt><div id="term">Cipher</div>
<dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4, etc.
<p>
<dt><div id="term">Ciphertext</div>
<dd>The result after a <em>Plaintext</em> has passed through a <em>Cipher</em>.
<p>
<dt><div id="term">Configuration Directive</div>
<dd>A configuration command that controls one or more aspects of a program's
    behavior. In Apache context these are all the command names in the first
    column of the configuration files.
<p>
<dt><div id="term">CONNECT</div>
<dd>An HTTP command for proxying raw data channels over HTTP. It can be used to
    encapsulate other protocols, such as the SSL protocol.
<p>
<dt><div id="term">Digital Signature</div>
<dd>An encrypted text block that validates a certificate or other file.
    A <em>Certification Authority</em> creates a signature by generating a
    hash of the <em>Public Key</em> embedded in a <em>Certificate</em>, then
    encrypting the hash with its own <em>Private Key</em>. Only the CA's
    public key can decrypt the signature, verifying that the CA has
    authenticated the network entity that owns the <em>Certificate</em>.
<p>
<dt><div id="term">Export-Crippled</div>
<dd>Diminished in cryptographic strength (and security) in order to comply
    with the United States' Export Administration Regulations (EAR).
    Export-crippled cryptographic software is limited to a small key size,
    resulting in <em>Ciphertext</em> which usually can be decrypted by brute
    force.
<p>
<dt><div id="term">Fully-Qualified Domain-Name (FQDN)</div>
<dd>The unique name of a network entity, consisting of a hostname and a domain
    name that can resolve to an IP address. For example, <code>www</code> is a
    hostname, <code>whatever.com</code> is a domain name, and
    <code>www.whatever.com</code> is a fully-qualified domain name.
<p>
<dt><div id="term">HyperText Transfer Protocol (HTTP)</div>
<dd>The HyperText Transfer Protocol is the standard transmission protocol used
    on the World Wide Web.
<p>
<dt><div id="term">HTTPS</div>
<dd>The HyperText Transfer Protocol (Secure), the standard encrypted
    communication mechanism on the World Wide Web. This is actually just HTTP
    over SSL.
<p>
<dt><div id="term">Message Digest</div>
<dd>A hash of a message, which can be used to verify that the contents of
    the message have not been altered in transit.
<p>
<dt><div id="term">OpenSSL</div>
<dd>The Open Source toolkit for SSL/TLS;
    see <a href="http://www.openssl.org/">http://www.openssl.org/</a>
<p>
<dt><div id="term">Pass Phrase</div>
<dd>The word or phrase that protects private key files.
    It prevents unauthorized users from encrypting them.
    Usually it's just
    the secret encryption/decryption key used for <em>Ciphers</em>.
<p>
<dt><div id="term">Plaintext</div>
<dd>The unencrypted text.
<p>
<dt><div id="term">Private Key</div>
<dd>The secret key in a <em>Public Key Cryptography</em> system, used to
    decrypt incoming messages and sign outgoing ones.
<p>
<dt><div id="term">Public Key</div>
<dd>The publicly available key in a <em>Public Key Cryptography</em> system, used to
    encrypt messages bound for its owner and to decrypt signatures made by its
    owner.
<p>
<dt><div id="term">Public Key Cryptography</div>
<dd>The study and application of asymmetric encryption systems, which use one
    key for encryption and another for decryption. A corresponding pair of
    such keys constitutes a key pair. Also called Asymmetric Cryptography.
<p>
<dt><div id="term">Secure Sockets Layer (SSL)</div>
<dd>A protocol created by Netscape Communications Corporation for
    general communication authentication and encryption over TCP/IP networks.
    The most popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer
    Protocol (HTTP) over SSL.
<p>
<dt><div id="term">Session</div>
<dd>The context information of an SSL communication.
<p>
<dt><div id="term">SSLeay</div>
<dd>The original SSL/TLS implementation library developed by
    Eric A. Young &lt;eay@aus.rsa.com&gt;;
    see <a href="http://www.ssleay.org/">http://www.ssleay.org/</a>
<p>
<dt><div id="term">Symmetric Cryptography</div>
<dd>The study and application of <em>Ciphers</em> that use a single secret key
    for both encryption and decryption operations.
<p>
<dt><div id="term">Transport Layer Security (TLS)</div>
<dd>The successor protocol to SSL, created by the Internet Engineering Task
    Force (IETF) for general communication authentication and encryption over
    TCP/IP networks. TLS version 1 is nearly identical to SSL version 3.
<p>
<dt><div id="term">Uniform Resource Locator (URL)</div>
<dd>The formal identifier to locate various resources on the World Wide Web.
    The most popular URL scheme is <code>http</code>. SSL uses the
    scheme <code>https</code>.
<p>
<dt><div id="term">X.509</div>
<dd>An authentication certificate scheme recommended by the International
    Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.
</dl>
  <p>
  <br>
  <table summary="">
    <tr>
      <td>
        <table width="600" border="0" summary="">
          <tr>
            <td valign="top" align="left" width="250">
<a href="ssl_faq.html" onmouseover="ro_imgOver('ro_img_prev_bot', 'previous page'); return true" onmouseout="ro_imgNormal('ro_img_prev_bot'); return true" onfocus="ro_imgOver('ro_img_prev_bot', 'previous page'); return true" onblur="ro_imgNormal('ro_img_prev_bot'); return true"><img name="ro_img_prev_bot" src="ssl_template.navbut-prev-n.gif" alt="previous page" width="70" height="18" border="0"></a><br><font color="#000000">F.A.Q. List</font>
            </td>
            <td valign="top" align="right" width="250">
            </td>
          </tr>
        </table>
      </td>
    </tr>
    <tr>
      <td><img src="ssl_template.imgdot-1x1-000000.gif" alt="" width="600" height="2" align="bottom" border="0"></td>
    </tr>
    <tr>
      <td><table width="598" summary="">
          <tr>
            <td align="left"><font face="Arial,Helvetica">
              <a href="http://www.modssl.org/">mod_ssl</a> 2.8, User Manual<br>
              The Apache Interface to OpenSSL
              </font>
            </td>
            <td align="right"><font face="Arial,Helvetica">
              Copyright © 1998-2001
              <a href="http://www.engelschall.com/">Ralf S. Engelschall</a><br>
              All Rights Reserved<br>
              </font>
            </td>
          </tr>
        </table>
      </td>
    </tr>
  </table>
  </td>
</tr>
</table>
</div>
</body>
</html>