2 replies to this topic

[toto_7]

in web...

Which application layer protocol should use to enable user to submit credit card data,and why?

Common protocols in the trasportm network and data link layer?

Thank you

[gregwarner]

Credit card data, and indeed, ALL sensitive data, should be transmitted over an https ("s" for "secure) connection. For this, you need an SSL certificate signed by a trusted authority (Verisign), which costs money. If you have relatively few people who need to connect with you securely, you can create a self-signed certificate and then manually install it in each of their browsers via a flash drive so that their browsers will "trust" you. This eliminates the need to purchase a CA signed certificate from Verisign, but at the cost of having to manually configure trust on each client.

[fayyazlodhi]

i am sorry though it sounded a little like an assignment but it can be googled too so i would add giving benefit of doubt:

1. SSL is Transport Layer protocol. So when you are encrypting your app through SSL, you are running HTTPS on application layer.
2. Another commonly used encryption protocol other than SSL on internet is IPsec which belongs to Network layer. Common usage scenario is when you dial VPN.
3. Most common transport layer protocols are TCP and UDP. In fact it is a little hard to find others :) though they do exist e.g. RTP.
4. Common protocols of network layer are IPv4/6, ICMP, IGMP, IPsec
5. For link layer common ones are Ethernet (LAN), PPP (When you are connected through modem dial up), ARP (which resolves a given IP on a LAN) etc.