1. Field of the Invention
The invention relates to network communication. More specifically, the invention relates to secure communication between network devices without the use of secure socket layer.
2. Background
With the proliferation of the internet, the need and desirability of managing devices over a distributed network in a secure manner continues to increase. Typical web browsers support Java, Java Script, frames and forms. However, the contents of such frames, forms, and even the Java Script passed between a web browser and a web server is typically freely visible to potential third parties snooping the web traffic. To ensure proper management and to avoid intentional and unintentional acquisition of sensitive data by third parties, the exchange between a browser and a device under management, should be secure, e.g., both authenticated and encrypted.
To permit secure communication between network nodes, Secure Socket Layer (“SSL”) was developed by Netscape Communications Corporation as a protocol to permit encrypted communications. SSL is layered under Hypertext Transfer Protocol (“HTTP”) and Above Transmission Control Protocol/Internet Protocol (“TCP/IP”). SSL is used by HTTPS as access methods. Unfortunately, SSL requires third party authentication, embedded certificates and exchange of certificates when the host name is changed. For these and other reasons, it is not suitable for management of embedded network appliances or certain other environments in which secure communication is desirable.