
I don't think this is the method SSL uses, because what you're describing is just a variant of symmetric-key encryption. I think SSL uses asymmetric-key encryption. The better metaphor for that is a lock that anyone can lock, but only one person can unlock.



That’s how SSL/TLS does the authorization step, but the typical encryption of the actual content sent back and forth uses a symmetric-key block cipher (the two sides negotiate and it’s pretty modular, so I think you can do whatever kind of encryption you want on the messages, even just sending plain text after a TLS handshake if you want).

See http://en.wikipedia.org/wiki/Cipher_suite


True, but my point was that the actual key exchange (that is, the exchange of the symmetric keys used for the bulk of the encryption) is done using asymmetric-key encryption. Since this was in response to the question of how keys are exchanged, I thought it was the relevant phase to discuss.


Except, not necessarily, no. Sorry, my grandparent post should have been clearer that using a public-key method is only one of the ways to do authentication in SSL/TLS. Either way, some symmetric cipher is used for all the content.

See: http://www.ipa.go.jp/security/rfc/RFC2246-AFEN.html

Search down for Diffie-Hellman.

The Wikipedia article might also be useful:

http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange


I've heard a different variation of the metaphor: I have a box with two keys. When I use the first key to lock the box, it can only be opened with the second key, and vice versa. I keep the first key hidden, but publish details of how to make a box and the second key for all the world to see. This means that anyone can send me a secure message by simply making a box to my specifications and locking it with the publicly available key. Only I can unlock it. This is asymmetric key encryption.

Asymmetric key encryption is slow, and symmetric is fast, so we use the former to set up the conditions necessary for the latter: If we both have a box and keypair like this, then you can send me your secret phrase using mine and I can send you my secret phrase using yours. Now that we each know both secret phrases and nobody else knows either, we can combine the secret phrases and switch to symmetric. That's how SSL is set up.
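The two key-setup techniques this subthread keeps circling, side by side, as an added example that is not code from the thread or any of its posters: Diffie-Hellman key agreement (what the RFC 2246 and Wikipedia links in the earlier reply point at) and the two-key box from the post above (public-key encryption, here textbook RSA) used to swap a secret phrase in each direction, with both ending in the same place, a symmetric key derived from the shared material with HKDF. Everything in it is an assumption of mine for illustration: the function names, the 64-bit toy parameter sizes, the unpadded RSA, the g = 4 choice and the fixed "info" labels. It is not TLS's handshake code, and the toy sizes are there so it runs instantly, not because they are safe.

```python
import hashlib, hmac, secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test, shared by both key-setup techniques below."""
    if n in (2, 3, 5, 7, 11, 13):
        return True
    if n < 2 or any(n % s == 0 for s in (2, 3, 5, 7, 11, 13)):
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:  # random odd candidate with the top bit set, until one passes
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def hkdf_sha256(ikm, info, length=32):
    """HKDF (RFC 5869, empty salt): turns raw shared material into a symmetric key."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out, i = out + block, i + 1
    return out[:length]

# Technique 1: Diffie-Hellman key agreement (what the RFC 2246 / Wikipedia links describe).
def dh_params(bits=64):
    """Toy safe prime p = 2q + 1; g = 4 = 2**2 is a square, so it generates the order-q subgroup.
    Real code uses a fixed, vetted group (RFC 3526 / RFC 7919), never a fresh 64-bit one."""
    while True:
        q = random_prime(bits - 1)
        if is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

def dh_keypair(params):
    priv = secrets.randbelow(params[1] - 1) + 1        # private exponent in [1, q-1]
    return priv, pow(params[2], priv, params[0])       # public value g**priv mod p

def dh_peer_valid(params, y):
    """Range and subgroup check on the peer's public value. Without it a peer can send
    1, p-1 or another small-order value and force the shared secret into a few guesses."""
    p, q, _ = params
    return 1 < y < p - 1 and pow(y, q, p) == 1

def dh_shared(params, priv, peer_pub):
    if not dh_peer_valid(params, peer_pub):
        raise ValueError("invalid Diffie-Hellman public value")
    return pow(peer_pub, priv, params[0])

def session_key_via_dh(params):
    """Both sides contribute randomness; the shared secret itself never crosses the wire."""
    a_priv, a_pub = dh_keypair(params)
    b_priv, b_pub = dh_keypair(params)
    a_key = hkdf_sha256(dh_shared(params, a_priv, b_pub).to_bytes(8, "big"), b"toy dh")
    b_key = hkdf_sha256(dh_shared(params, b_priv, a_pub).to_bytes(8, "big"), b"toy dh")
    return a_key, b_key

# Technique 2: the two-key box (textbook RSA: unpadded, toy modulus, illustration only).
def rsa_keypair(bits=64):
    """(n, e) is the published box design plus second key; d is the hidden first key."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (p * q, e), (p * q, pow(e, -1, phi))

def rsa_lock(pub, m):
    n, e = pub
    assert 0 < m < n, "the phrase must be smaller than the modulus to fit in the box"
    return pow(m, e, n)

def rsa_unlock(priv, c):
    return pow(c, priv[1], priv[0])

def session_key_via_boxes(alice_pub, alice_priv, bob_pub, bob_priv):
    """Each side locks a fresh secret phrase in the other's box, then both combine the two."""
    alice_phrase = secrets.randbelow(bob_pub[0] - 2) + 1   # must fit inside Bob's box
    bob_phrase = secrets.randbelow(alice_pub[0] - 2) + 1   # must fit inside Alice's box
    to_bob = rsa_lock(bob_pub, alice_phrase)               # only Bob's hidden key opens it
    to_alice = rsa_lock(alice_pub, bob_phrase)             # only Alice's hidden key opens it
    combine = lambda x, y: hkdf_sha256(x.to_bytes(8, "big") + y.to_bytes(8, "big"), b"toy box")
    alice_key = combine(alice_phrase, rsa_unlock(alice_priv, to_alice))
    bob_key = combine(rsa_unlock(bob_priv, to_bob), bob_phrase)
    return alice_key, bob_key
```

The contrast is the point: in `session_key_via_dh` nothing secret is ever transmitted, each side combines its own private exponent with the other's public value and both land on the same number; in `session_key_via_boxes` a secret is transmitted, just locked so only the holder of the hidden key can open it. The check a practitioner should not skip is `dh_peer_valid`: accepting a public value without the range and subgroup test is how a peer pushes the agreed secret into a handful of guessable values. Running `session_key_via_dh(dh_params())` returns the same 32-byte key for both sides, as does `session_key_via_boxes` with two `rsa_keypair()` results.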


This is the description of public key cryptography, or as you referred to it, asymmetric cryptography. It is a different technique and solves a different problem from the other metaphor above by asmithmd1, which is for Diffie-Hellman(-Merkle) key exchange.


Oh. Thank you. I suppose I'll go re-read the other post and learn something.

Is the term 'asymmetric key encryption' meaningful, or did I just make that up?



