SUPPORTING END-TO-END SECURITY ACROSS PROXIES WITH MULTIPLE- CHANNEL SSL

Abstract: Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers. This paper introduces Multiple-Channel SSL (MC-SSL), an extension of SSL, and describes and analyzes the design of MC-SSL proxy channel protocol that enables the support for end-to-end security of client-server communications in the presence of application proxies. MC-SSL is able to securely negotiate multiple virtual channels with different security characteristics including application proxy and cipher suite