Next: 5 Appendix 5: Some
Up: 4 Appendix 4: More
Previous: 4.2.3 Other Factors
The preceding sections have presented a description of requirements and
other factors to be considered in assessing candidate protocols used to
provide security for electronic commerce applications. The protocols
evaluated here, SSL and SHTTP, represent two possible tools which might
be used to build secure applications. These tools may well need to be
combined with other security mechanisms, particularly secure payment
schemes, to meet overall system security requirements. In addition,
operational security elements beyond the scope of the protocol
specification (e.g. key management, user actions, audit, platform
issues) are critical to system security.
In general, SSL and SHTTP provide architecturally distinct, and
possibly complementary, methods for supplying many similar security
services. The main differences lie in four areas:
-
Operation in proxy environments
- SSL mostly requires a tradeoff between potentially compromising the
firewall by creating secure associations through the proxy and
terminating the security services at the proxy. SHTTP may also require
terminating services at the proxy depending on policy but supports
security services, especially authentication, between multiple parties
and provides greater flexibility in cases where the proxy is SHTTP
aware.
-
Nature of integration
- SSL is essentially an added layer between the application and the
transport service and consequently should be simpler to integrate (and
may support multiple applications). SHTTP is HTTP specific and is
likely to require integration with the application package. For
providing secure system solutions, some degree of coupling between the
security service and the application will be needed regardless of the
choice of protocol.
-
Performance
- SSL incurs a start up latency, especially for new associations and then
adds little performance penalty. SHTTP incurs little or no start up
delay but adds more per transaction overhead in terms of both size and
processing complexity.
-
Non-repudiation
- SSL provides no facilities for non-repudiation while SHTTP provides
non-repudiation with proof of origin when digital signatures are
employed.
This document serves to provide information to system integrators and
providers on the characteristics of the respective protocols. The
selection of one or more as elements of a system solution will depend
on the requirements of those particular systems and on a detailed
analysis of customer, operational, and regulatory characteristics.
Next: 5 Appendix 5: Some
Up: 4 Appendix 4: More
Previous: 4.2.3 Other Factors
Denis Arnaud
12/19/1997