For many years, private encrypted messages were exchanged between two or more users with keys shared among them. Under this model, any two users wishing to communicate privately first need to establish a "secure" or otherwise protected channel of some kind over which to share the secret key. This traditional model introduces many complications from a key management point of view, since each user has to keep a separate secret key for every other user they need to communicate with.
In 1977, the concept of public-key cryptography was introduced, allowing two parties to communicate privately without having to share any secrets. Each party establishes a key pair: one private key and one public key. The public key, as the name implies, is published to all nodes on a network and is used by other nodes to encrypt messages to that node. The private key performs the inverse operation, enabling the receiving node to decrypt those messages; it never leaves the node that "owns" it. This model for private communications simplifies the key management problem to a great extent.
Public-key cryptography can also be used to exchange a secret key between two (or more) nodes without having to communicate any secrets. But perhaps the most prevalent application of public-key cryptography is the technology referred to as "digital signatures." It allows a node to sign documents or messages using its private key, and all other nodes to verify the signature using the published public key. The mathematics of public-key cryptosystems make it possible for one node to create a signature for a particular message that others can verify, while "forging" someone else's signature remains computationally infeasible.
The only issue left with the above model for public-key cryptography is the following question:
Why should one believe that a published public key actually belongs to a given user?
This question can be answered using the notion of a digital certificate. The digital certificate of a user is a message composed of the name and other information about the user together with the user's public key. This entire message is digitally signed by an authority that is known to many users and that is able to verify the identity of a user. A user generates a public-private key pair, safely stores the private key, and takes the public key to the authority together with proof of identity. The authority signs the user's name and public key and hands back the resulting digital certificate. The certificate can then be published in a directory or attached to any message signed by the user. Any other user can then verify the user's signature using the attached certificate, after checking the authority's signature on that certificate to confirm the authenticity of the user's identity.
The RSA public-key cryptosystem is the most commonly used in commercial applications and systems. It provides both encryption/decryption operations and digital signature and verification operations. The X.509 standard defines a format for digital certificates, and SSL supports X.509 certificates that use the RSA algorithm.
It is also important to note that, for performance reasons, public-key encryption and decryption are usually restricted to signature operations and to encrypting short data blocks such as symmetric data-encryption keys. Traditional symmetric-key encryption algorithms are used for bulk data encryption. SSL supports a variety of symmetric-key algorithms, including the DES standard and exportable versions of RC2 and RC4. Refer to the SSL specification document for a complete list of the supported encryption algorithms.
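The certificate flow described in the previous paragraph, in the X.509/RSA form just named, as an added example written for this page (not code from the original text or from any SSL implementation) using Go's standard library: the authority signs a certificate binding the name "alice" to her public key, and a verifier checks the authority's signature on that certificate before trusting the key inside it to verify alice's own signature. The authority name, user name, key pairs and sample message are all constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var caKey, _ = rsa.GenerateKey(rand.Reader, 2048)   // the authority's key pair (constructed for this example)
var userKey, _ = rsa.GenerateKey(rand.Reader, 2048) // alice's key pair; the private half never leaves her

// MintCert binds name to pub in an X.509 certificate signed with issuerKey; parent == nil yields a self-signed CA.
func MintCert(name string, pub *rsa.PublicKey, parent *x509.Certificate, issuerKey *rsa.PrivateKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: name}, NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	if parent == nil { // root CA: it is its own issuer, marked CA:TRUE and allowed to sign certificates
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage, parent = true, true, x509.KeyUsageCertSign, tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, issuerKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifySignedMessage follows the text: first confirm that the attached certificate chains to the
// trusted CA (so its public key really belongs to the named user), then check the user's signature.
func VerifySignedMessage(caCert, cert *x509.Certificate, msg, sig []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return err // untrusted issuer, expired, or tampered certificate: the key must not be trusted
	}
	return cert.CheckSignature(x509.SHA256WithRSA, msg, sig) // RSA PKCS#1 v1.5 over SHA-256(msg)
}

func main() {
	caCert, _ := MintCert("Example CA", &caKey.PublicKey, nil, caKey)
	userCert, _ := MintCert("alice", &userKey.PublicKey, caCert, caKey)
	msg := []byte("constructed sample message")
	d := sha256.Sum256(msg)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, userKey, crypto.SHA256, d[:])
	fmt.Println("valid:", VerifySignedMessage(caCert, userCert, msg, sig) == nil) // true
}
```

A certificate that alice signs herself, or one issued by an authority the verifier does not trust, fails the chain check even though the signature on the message itself is mathematically valid.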