SSL operates by layering a security protocol on top of an underlying reliable connection-oriented transport protocol. The combined protocol establishes a connection with a remote host and then performs a handshake between the two nodes to establish a secure session. Once the security handshake is complete, the protocol then encrypts and authenticates data sent from the local host and decrypts and verifies data received from the remote host. This will all be done in a manner transparent to the application utilizing the SSL protocol.
Using this technology, an application developer can quickly convert a client or a server to provide a variety of security functions. By virtue of this technology being accessible using the Windows Sockets 2.0 API, an end-user application developer can easily provide very strong security within an application. The application can simply enumerate the protocols supported by the system and if any of them provides SSL security, security can be enabled on arbitrary sockets.