OpenSSL is a library used for developing applications that can
communicate using the SSL/TLS link-layer encryption facilities.
Link-layer encryption can be used to carry any other protocol. This
is demonstrated by the 'stunnel' application that can be used to
transparently add SSL encryption to other applications.
> I would like to know what is the advantage of using openssl.
The advantages to using OpenSSL are that it's:
o free
o well-maitained
o well-supported (by this mailing list)
o easy-to-use
o free of any known security problems
> Do openssl users still have to pay for services like verisign.
If you wish to have a verisign certificate, then yes. Depending on
your application you may not need a "commercial" certificate. OpenSSL
provides all the facilities you need to create your own certificates.
If you wish to create a certificate for use in a internet deployed
web-server, then a "commercial" certificate is needed, as the users
will not have your CA's root certificate embeded in the browser.
> I have looked on the opensll site but my English is not that good,
> if someone can give me a simple explanation it would be very much
> appreciated.
OpenSSL basically adds an additional set of I/O primitives:
To read encrypted data, you call SSL_read().
To write encrypted data, you call SSL_write().
Before you can do this, you need to set-up a number of things first,
and there are some other tasks, but nothing amazingly difficult.
- Dale.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
