DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

(mysql.info.gz) Secure basics

Info Catalog (mysql.info.gz) Secure connections (mysql.info.gz) Secure connections (mysql.info.gz) Secure requirements 
 
 5.6.7.1 Basic SSL Concepts
 ..........................
 
 To understand how MySQL uses SSL, it's necessary to explain some basic
 SSL and X509 concepts. People who are familiar with them can skip this
 part.
 
 By default, MySQL uses unencrypted connections between the client and
 the server. This means that someone with access to the network could
 watch all your traffic and look at the data being sent or received.
 They could even change the data while it is in transit between client
 and server. To improve security a little, you can compress
 client/server traffic by using the `--compress' option when invoking
 client programs.  However, this will not foil a determined attacker.
 
 When you need to move information over a network in a secure fashion,
 an unencrypted connection is unacceptable.  Encryption is the way to
 make any kind of data unreadable. In fact, today's practice requires
 many additional security elements from encryption algorithms.  They
 should resist many kind of known attacks such as changing the order of
 encrypted messages or replaying data twice.
 
 SSL is a protocol that uses different encryption algorithms to ensure
 that data received over a public network can be trusted. It has
 mechanisms to detect any data change, loss, or replay. SSL also
 incorporates algorithms that provide identity verification using the
 X509 standard.
 
 X509 makes it possible to identify someone on the Internet.  It is most
 commonly used in e-commerce applications. In basic terms, there should
 be some company called a "Certificate Authority" (or CA) that assigns
 electronic certificates to anyone who needs them. Certificates rely on
 asymmetric encryption algorithms that have two encryption keys (a
 public key and a secret key). A certificate owner can show the
 certificate to another party as proof of identity. A certificate
 consists of its owner's public key. Any data encrypted with this public
 key can be decrypted only using the corresponding secret key, which is
 held by the owner of the certificate.
 
 If you need more information about SSL, X509, or encryption, use your
 favorite Internet search engine to search for keywords in which you are
 interested.
Info Catalog (mysql.info.gz) Secure connections (mysql.info.gz) Secure connections (mysql.info.gz) Secure requirements
automatically generated byinfo2html