Pages

Subscribe:

Thứ Sáu, 17 tháng 6, 2011

An Explanation of SSL Certificates

By Gregory Trune


What is Secure Web Hosting and SSL and what are their benefits:

The World Wide Web is not as safe as it used to be which is due to the amount of data and information online that can be read by other people. There are a large number of people called hackers who uncover secret and confidential data about the people who visit your site. It is even possible for them to obtain information such as credit card details or passwords. Many hackers are able to offer a version of your own website and use this to trick other web users. Their version of your site can be hosted on their own server. This is done to obtain details from them. It is possible to battle these people and this is why SSL or Secure Sockets Layer was created.

Since 1994 when it was developed by Netscape, the SSL has developed into a security technology that is now recognized as an standard across the world. It works in a way to ensure that a secure link between a server and a browser. All OF this adds up to making sure that any information that is passed between parties remains secure. The security can be seen the padlock emblem that appears on screen. Many e-Business companies appreciate this opportunity to safeguard the information of their customers as well as ensuring the confidentiality of any transactions that take place

Learn about the SSL Certificate:

If a web server wants to use the Secure Sockets Layer protocol, it will require an SSL Certificates provided by the Certification Authorities (CA). You will have to complete several questions about the identity of your company and website, while you choose to trigger SSL on your web server. The web server then constructs two cryptographic keys i.e. a Public Key and a Private Key. The Public Key is not a furtive. It is placed in a Certificate Signing Request or CSR, which is a data file that contains your details. You then require to submit the CSR. The Certification Authority validates all the details that you have provided in the CSR throughout the SSL Certificate application process. It further allocates an SSL Certificate that contains all your details and thus allows you to use SSL. The issued SSL Certificate is matched to the Private Key by your web server. This will enable your web server to establish an encrypted link between your website and the customer's web browser.

None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.

Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.

The golden padlock which appears on the browser has generated a higher degree of confidence amongst shoppers and is recognized as a symbol of trust. This has been taken on by many electronic business providers in an attempt to convince customers to shop with them. A whole host of shopping carts and commercial sites now offer shoppers the facility of securing their information through use of the SSL certificates. One thing to remember though is that if this information is then emailed to you, the information contained within the email is not secure.

Functions that are new to users:

The SSL v3 has been recently introduced and is an improved version of upon SSL v2. It has been added with SHA-1 based ciphers and provides support for certificate authentication. There were certain flaws in the SSL v2, where indistinguishable cryptographic keys were used for encryption as well as for message authentication. Moreover, the former version had no protection for the handshake, which implies a "Man-in-the-middle downgrade attack" could even go unnoticed.

Another improvement has come with the Transport Layer Security taking over from the Secure Sockets Layer. The TSL has been clearly influenced by SSL and has taken many uses and styles that are synonymous with Microsoft and Netscape browsers in addition to a great number of products utilizing Web server capabilities. Today, it is common for SSL to utilize public and private key encryption that is able to provide a digital certificate.

Do you require an SSL Certificate:

Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.

* If you have an online store or accept online orders through credit cards you will need an SSL Certificate in order to safeguard the confidential information of your customers.

* SSL Certificates can be a useful tool in an office if confidential data is placed on an intranet system.

* If you process data like date of births, addresses, telephone numbers, licenses or ID numbers then as SSL certificate is required to process this securely.

* If in case your business partners log in to private information on an extranet, an SSL Certificate helps you to protect them from hackers.

Some helpful information about purchasing SSL Certificates:

* The Certificate Authority market is quite diverse, but it is better to purchase an SSL Certificate that meets your requirements as well as budget. You can find a number of Secure Sockets Layer Certificate in different price range. The Open Directory Project identifies 22 third parties and offers over 20 root certificates that are included into Firefox and Internet Explorer. However, due to its price, it is dominated only by a few major firms.

There was a survey undertaken by Netcraft in 2005 which set out to find the largest vendor that offers SSL certificates. This was followed in January 2007 when Security Space set out to undertake a similar project. This latter survey listed a few firms as being highly rated. These sites include Equifax represented by its GeoTrust subsidiary (www.equifax.com), VeriSign which was represented by the Thawte subsidiary (www.verisign.com), in addition to GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) as well as Comodo (www.comodo.com).

In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.




About the Author:



1 nhận xét:

Blogger nói...

Did you know that you can make cash by locking special areas of your blog / site?
To begin just open an account with AdWorkMedia and embed their Content Locking widget.

Đăng nhận xét