4-10 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.1
Chapter 4
HTTPS Using SSLv3 or TLSv1
Overview
The Avaya P580 and P882 Multiservice switches support Secure Sockets
Layer, version 3 (SSLv3), and Transport Layer Security, version 1.0
(TLSv1).
SSL and TLS are protocols that provide data security between application
protocols (such as HTTP, Telnet, NNTP, FTP) and TCP/IP. SSL and TLS
are used to:
Transmit encrypted data over TCP/IP networks, and
Authenticate sites and clients with certificates.
HTTPS is HyperText Transfer Protocol (HTTP) running over either SSL or TLS.
TLS is based on the SSLv3 protocol specification published by Netscape
Communications Corporation. The Internet Engineering Task Force (IETF)
defines TLS in RFC 2246 as the successor of SSLv3.
SSL and TLS use certificates and public and private keys to secure data.
SSL server certificates prove the identity of the server to clients. The
application software provides its own internal Certificate Authority (CA)
for self-signing certificates. Certificates provide the following information:
Name of the server’s CA.
Name of the entity to which the certificate was issued.
Public key of the entity.
Expiration date of the certificate.
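As an added example (not from the Avaya guide or the switch software), the Go program below builds a constructed self-signed RSA certificate and reads back the four items listed above, also checking that the certificate is self-signed. The host name switch.example.test, the 2048-bit key size and all function names are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CertSummary holds the four items the guide lists, plus a self-signed flag.
type CertSummary struct {
	Issuer, Subject string    // CA name; entity the certificate was issued to
	KeyBits         int       // RSA public key size in bits (0 if not RSA)
	NotAfter        time.Time // expiration date
	SelfSigned      bool      // issuer == subject and signature verifies under own key
}

// Summarize parses a DER-encoded certificate and extracts those fields.
func Summarize(der []byte) (CertSummary, error) {
	c, err := x509.ParseCertificate(der)
	if err != nil {
		return CertSummary{}, err
	}
	s := CertSummary{Issuer: c.Issuer.String(), Subject: c.Subject.String(), NotAfter: c.NotAfter}
	if pub, ok := c.PublicKey.(*rsa.PublicKey); ok {
		s.KeyBits = pub.N.BitLen()
	}
	s.SelfSigned = bytes.Equal(c.RawIssuer, c.RawSubject) &&
		c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
	return s, nil
}

// SampleSelfSigned builds a constructed test certificate (not one from a switch); the template is its own parent.
func SampleSelfSigned(cn string, notAfter time.Time) ([]byte, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: notAfter.AddDate(-1, 0, 0), NotAfter: notAfter}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

func main() {
	der, _ := SampleSelfSigned("switch.example.test", time.Now().AddDate(1, 0, 0))
	fmt.Println(Summarize(der))
}
```

A certificate whose SelfSigned flag is true proves only that its holder has the matching private key, so a client has to trust it explicitly before the issuer name means anything.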
Public and private keys are created from algorithms, called ciphers, that are
used to encrypt and decrypt data. The public key is shared. The private key
should never be shared. You cannot access the private key on the P580 or
P882 switch.
Public-private key pairs work together: Data that is encrypted with the
public key can be decrypted only with the private key and vice versa. The
Avaya Multiservice switches use only RSA SSLv3 and TLSv1 cipher suites.