Netscape's Secure Sockets Layer (SSL)


Design:

Security just above the Network layer, so it can be used by NNTP, FTP, etc.

One-way (and soon two-way) Authentication via RSA and X.509 Certificates

Provides an encrypted channel for sending such data as Credit Card numbers

Easy to add support for SSL via alternate BSD socket calls

Protocol:

1. Client sends server a "hello" message
2. Server sends over its certificate (which includes the server's public key)
3. Client creates a session key and sends it encrypted with the server's public key
4. Session is encrypted using RC4 with the session key;
   thereafter, HTTP is spoken as usual
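As an added worked example (not part of the original slides), the four-step exchange above simulated in Python with both sides' messages. Everything in it is constructed for illustration: the 128-bit RSA keys and the Miller-Rabin prime search, the 40-bit RC4 session key, the CA, and the dict-shaped "certificate" (the real protocol used X.509 and PKCS#1 padding; textbook RSA is used here only to keep the code short and dependency-free). It also shows the check that one-way authentication depends on: the client verifies the certificate against a trusted CA before encrypting the session key to the public key inside it, so a certificate with a substituted key is rejected instead of leaking the session key.

```python
import hashlib
import random
import secrets


def is_probable_prime(n, rounds=16):
    """Miller-Rabin primality test (constructed helper for the toy RSA keys)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits=128):
    """Toy RSA key pair: returns ((e, n), (d, n)). 128 bits is demo-sized only."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (e, p * q), (pow(e, -1, phi), p * q)


def rc4(key, data):
    """RC4 stream cipher (KSA + PRGA); encryption and decryption are the same op."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def _cert_digest(subject, public_key):
    # 120-bit digest so it is always smaller than the 128-bit modulus (raw RSA, no padding)
    return int.from_bytes(hashlib.sha256(repr((subject, public_key)).encode()).digest()[:15], "big")


def make_certificate(subject, server_pub, ca_priv):
    """Stand-in for an X.509 certificate: subject + public key signed by the CA."""
    d, n = ca_priv
    return {"subject": subject, "public_key": server_pub,
            "signature": pow(_cert_digest(subject, server_pub), d, n)}


def verify_certificate(cert, ca_pub):
    e, n = ca_pub
    return pow(cert["signature"], e, n) == _cert_digest(cert["subject"], cert["public_key"])


def run_session(ca_pub, server_cert, server_priv, request=b"GET / HTTP/1.0\r\n\r\n"):
    """Steps 1-4 of the slide, returning what each side ended up with."""
    client_hello = {"msg": "hello", "ciphers": ["RC4-40"]}          # step 1
    server_reply = {"msg": "server-hello", "cert": server_cert}     # step 2
    # step 3: client checks the certificate BEFORE trusting the key inside it
    if not verify_certificate(server_reply["cert"], ca_pub):
        raise ValueError("server certificate not signed by a trusted CA")
    session_key = secrets.token_bytes(5)                            # 40-bit RC4 key
    e, n = server_reply["cert"]["public_key"]
    key_exchange = pow(int.from_bytes(session_key, "big"), e, n)    # textbook RSA
    d, n = server_priv                                              # server recovers key
    server_key = pow(key_exchange, d, n).to_bytes(5, "big")
    wire = rc4(session_key, request)                                # step 4: RC4 channel
    return {"client_hello": client_hello, "client_key": session_key,
            "server_key": server_key, "wire": wire, "server_sees": rc4(server_key, wire)}


if __name__ == "__main__":
    ca_pub, ca_priv = rsa_keygen()
    srv_pub, srv_priv = rsa_keygen()
    cert = make_certificate("www.example.com", srv_pub, ca_priv)
    print(run_session(ca_pub, cert, srv_priv)["server_sees"])
```

The session key travels only under the server's RSA public key, so an attacker who replaces the certificate with one carrying their own key would receive the session key instead; verify_certificate is what makes that substitution fail. The same keystream is never reused here, since RC4 output XORed with two messages leaks their XOR.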

How is this different from S-HTTP?