# How Netscape Created the Secure Socket Layer (SSL) for Web Security

> Netscape's 1995 patent defining the architecture for SSL, the foundational technology that allows browsers to securely transmit encrypted data over the internet.

- **Patent:** US 5657390
- **Original title:** Secure socket layer application program apparatus and method
- **Owner:** Netscape Communications Corp
- **Granted:** 1997
- **Status:** Public domain (expired)
- **Times cited:** 383
- **Field:** software, telecommunications, ecommerce

## What it does

This patent describes a software layer that sits between an application, like a web browser, and the network transport protocols. It provides a socket interface that allows applications to send and receive data without needing to know the technical details of the encryption process. When data is sent, the code intercepts it, encrypts it, and passes it to the transport layer. When data is received, it decrypts the information before handing it off to the application, ensuring that sensitive data like credit card numbers remains private during transit.

## What it does NOT cover

- Does not cover specific encryption algorithms like RSA or AES individually.
- Does not cover the physical hardware or network cabling used to transmit data.
- Does not cover the underlying TCP/IP protocol stack itself.
- Does not cover authentication methods like digital certificates not described in the specific socket-layer implementation.

## The clever bit

The innovation was placing encryption at the socket layer, which allowed developers to add security to existing applications without rewriting the entire network communication stack.

## Real-world examples

1. HTTPS web browsing
2. Secure email transmission (SMTPS)
3. Online banking portals
4. E-commerce checkout pages

## Why it matters

This patent is the blueprint for the 's' in HTTPS. By creating a standardized way to encrypt data at the socket layer, it enabled the birth of e-commerce and secure online banking, transforming the internet from an open, insecure network into a platform for private transactions.

## Frequently asked questions

### What does How Netscape Created the Secure Socket Layer (SSL) for Web Security cover?

Netscape's 1995 patent defining the architecture for SSL, the foundational technology that allows browsers to securely transmit encrypted data over the internet.

### Who owns patent US 5657390?

Netscape Communications Corp owns this patent, granted in 1997.

### When does this patent expire?

This patent has expired and is now in the public domain — anyone can use the invention freely.

### What is patent US 5657390 cited by?

This patent has been cited by 383 later patents that build on its ideas.

### What problem does this patent solve?

This patent is the blueprint for the 's' in HTTPS. By creating a standardized way to encrypt data at the socket layer, it enabled the birth of e-commerce and secure online banking, transforming the internet from an open, insecure network into a platform for private transactions.

### What does this patent NOT cover?

Does not cover specific encryption algorithms like RSA or AES individually.

**Full plain-English explainer:** https://patentbrief.org/patent/us/5657390/secure-socket-layer-application-program-apparatus-and-method

**Original patent:** https://patents.google.com/patent/US5657390

---

_Source: PatentBrief — https://patentbrief.org. Patent facts are from public records; the plain-English explanation is PatentBrief's._


## Related patents

Semantically similar inventions in the PatentBrief corpus:

- [How Websites Remember You Using Stored Data](https://patentbrief.org/patent/us/5774670/http-cookie-browser-state) — Netscape's 1998 patent on storing small pieces of website information (like login details or preferences) on your computer so the website can recall them later, enabling personalized experiences and smoother navigation.
- [How to Create a Secret Code Key Without Meeting First](https://patentbrief.org/patent/us/4200770/diffie-hellman-public-key-exchange) — This 1980 patent describes a way for two people to create a secret code key over a public channel, like the internet, without ever meeting or sharing the key directly.
- [How RSA Public-Key Encryption Keeps Digital Messages Secret](https://patentbrief.org/patent/us/4405829/rsa-encryption) — This patent describes the foundational RSA algorithm, a method for securely sending messages where anyone can encrypt a message using a public key, but only the intended recipient can decrypt it using a secret private key.
- [How Early Mobile Devices Accessed the Internet Using Split Proxies](https://patentbrief.org/patent/us/5673322/system-and-method-for-providing-protocol-translation-and-filtering-to-access-the-world-wide-web-from-wireless-or-low-bandwidth-networks) — A 1996 system that made the early web usable on slow, unreliable wireless connections by using two 'proxy' servers to shrink and simplify data before sending it.
- [How Web Browsers Run Embedded Programs Inside Documents](https://patentbrief.org/patent/us/5838906/microsoft-internet-browser) — A 1994 invention that allowed web browsers to automatically launch and run external programs directly inside a webpage, enabling interactive content like 3D models or complex data viewers.
