Find out what Secure Sockets Layer is and how it can benefit you:
With people having the ability to read the information of other folk, the Internet is not as safe as it once was. Hackers are people who are able to uncover the information that people pass on websites. It is also possible for them to get hold of confidential data like credit card details or passwords. Many hackers also have the ability to offer their own version of another person's website and this can be hosted on their own server. This is done to fool customers who may be unaware of these issues. The majority of hackers act to obtain information that is of value and interest about people. One way of combating these hackers is by using the Secure Sockets Layer or SSL.
Designed in 1994 by Netscape, SSL has become a security technology that is viewed as the standard around the world. It works by creating a link that is encrypted between the web server and the browser. This makes it possible to secure any information that travels between the browser and server. This process is utilized by a great number of providers of e-Business services as they recognize they need to protect their customers' details. They also know that they have a duty to protect the confidentiality of any shopping that occurs online.
SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
The usual information contained within an SSL Certificate will usually provide country, state, city, and address, name of the company and the domain name of the site. The expiration date of the certificate will also be included as will further information about the Certification Authority that holds the responsibility for issuing the certificates. If the browser of the visitor connects to the secured site, the SSL certificate will be unable to retrieve the SSL certificate from the site. A quick search in the veracity of the sites SSL certificate will be undertaken and that it has been allocated to the website claiming it is for. Another check will also be undertaken on the date of expiry for the certificate. If for any reason the certificate does not pass all the questions asked of it, there will be a warning displayed to the final user.
The golden padlock which appears on the browser has generated a higher degree of confidence amongst shoppers and is recognized as a symbol of trust. This has been taken on by many electronic business providers in an attempt to convince customers to shop with them. A whole host of shopping carts and commercial sites now offer shoppers the facility of securing their information through use of the SSL certificates. One thing to remember though is that if this information is then emailed to you, the information contained within the email is not secure.
Functions that are new to users:
The SSL v3 has been recently introduced and is an improved version of upon SSL v2. It has been added with SHA-1 based ciphers and provides support for certificate authentication. There were certain flaws in the SSL v2, where indistinguishable cryptographic keys were used for encryption as well as for message authentication. Moreover, the former version had no protection for the handshake, which implies a "Man-in-the-middle downgrade attack" could even go unnoticed.
Another interesting progression has been TLS (Transport Layer Security) superseding SSL. There is no doubt that TLS has been heavily influenced by SSL and is viewed as a key player in Microsoft and Netscape browsers in addition to a whole host web serving products. Today, the SLL utilizes public as well as private keys to provide an encryption service from the RSA that allows users to have a digital certificate.
SSL Certificate, do you need one:
Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.
* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.
* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.
* If you process data like date of births, addresses, telephone numbers, licenses or ID numbers then as SSL certificate is required to process this securely.
There is also a need to use SSL certificates to fully pass security and privacy requirements.
Some helpful information about purchasing SSL Certificates:
* The need to balance budget with your requirements is an important factor in which SSL certificate you buy from the numerous providers. There are many different packages available at a whole host of prices. A quick check of the Open Directory Project shows there are 22 third parties and that there in excess of 20 root certificates that can be utilized with Internet Explorer and Firefox. As with most industries though, the genre is dominated by a few firms battling on price.
* Netcraft conducted a survey in June 2005 to enlist the largest vendors providing SSL Certificates. The Security Space made similar tallies in January 2007, according to which the major vendors are Equifax via its GeoTrust subsidiary (www.equifax.com), VeriSign plus through its Thawte subsidiary (www.verisign.com), GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) and Comodo (www.comodo.com).
Although some variance will exist due to the way that markets are measured, is is considered that these 6 companies share roughly 95% of the entire industry. The largest firm with a market share of 72% is Verisign and the next is Comodo which contains about 18% of the market share. This is followed by Geotrust that has just under 3.5% and then Entrust who have 2.5% of the market. The last company is GoDaddy which clocks in at around 1%. The remaining firms contain about 3 to 4% on average.
With people having the ability to read the information of other folk, the Internet is not as safe as it once was. Hackers are people who are able to uncover the information that people pass on websites. It is also possible for them to get hold of confidential data like credit card details or passwords. Many hackers also have the ability to offer their own version of another person's website and this can be hosted on their own server. This is done to fool customers who may be unaware of these issues. The majority of hackers act to obtain information that is of value and interest about people. One way of combating these hackers is by using the Secure Sockets Layer or SSL.
Designed in 1994 by Netscape, SSL has become a security technology that is viewed as the standard around the world. It works by creating a link that is encrypted between the web server and the browser. This makes it possible to secure any information that travels between the browser and server. This process is utilized by a great number of providers of e-Business services as they recognize they need to protect their customers' details. They also know that they have a duty to protect the confidentiality of any shopping that occurs online.
SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
The usual information contained within an SSL Certificate will usually provide country, state, city, and address, name of the company and the domain name of the site. The expiration date of the certificate will also be included as will further information about the Certification Authority that holds the responsibility for issuing the certificates. If the browser of the visitor connects to the secured site, the SSL certificate will be unable to retrieve the SSL certificate from the site. A quick search in the veracity of the sites SSL certificate will be undertaken and that it has been allocated to the website claiming it is for. Another check will also be undertaken on the date of expiry for the certificate. If for any reason the certificate does not pass all the questions asked of it, there will be a warning displayed to the final user.
The golden padlock which appears on the browser has generated a higher degree of confidence amongst shoppers and is recognized as a symbol of trust. This has been taken on by many electronic business providers in an attempt to convince customers to shop with them. A whole host of shopping carts and commercial sites now offer shoppers the facility of securing their information through use of the SSL certificates. One thing to remember though is that if this information is then emailed to you, the information contained within the email is not secure.
Functions that are new to users:
The SSL v3 has been recently introduced and is an improved version of upon SSL v2. It has been added with SHA-1 based ciphers and provides support for certificate authentication. There were certain flaws in the SSL v2, where indistinguishable cryptographic keys were used for encryption as well as for message authentication. Moreover, the former version had no protection for the handshake, which implies a "Man-in-the-middle downgrade attack" could even go unnoticed.
Another interesting progression has been TLS (Transport Layer Security) superseding SSL. There is no doubt that TLS has been heavily influenced by SSL and is viewed as a key player in Microsoft and Netscape browsers in addition to a whole host web serving products. Today, the SLL utilizes public as well as private keys to provide an encryption service from the RSA that allows users to have a digital certificate.
SSL Certificate, do you need one:
Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.
* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.
* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.
* If you process data like date of births, addresses, telephone numbers, licenses or ID numbers then as SSL certificate is required to process this securely.
There is also a need to use SSL certificates to fully pass security and privacy requirements.
Some helpful information about purchasing SSL Certificates:
* The need to balance budget with your requirements is an important factor in which SSL certificate you buy from the numerous providers. There are many different packages available at a whole host of prices. A quick check of the Open Directory Project shows there are 22 third parties and that there in excess of 20 root certificates that can be utilized with Internet Explorer and Firefox. As with most industries though, the genre is dominated by a few firms battling on price.
* Netcraft conducted a survey in June 2005 to enlist the largest vendors providing SSL Certificates. The Security Space made similar tallies in January 2007, according to which the major vendors are Equifax via its GeoTrust subsidiary (www.equifax.com), VeriSign plus through its Thawte subsidiary (www.verisign.com), GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) and Comodo (www.comodo.com).
Although some variance will exist due to the way that markets are measured, is is considered that these 6 companies share roughly 95% of the entire industry. The largest firm with a market share of 72% is Verisign and the next is Comodo which contains about 18% of the market share. This is followed by Geotrust that has just under 3.5% and then Entrust who have 2.5% of the market. The last company is GoDaddy which clocks in at around 1%. The remaining firms contain about 3 to 4% on average.
About the Author:
About author: Gregory Trune is a professional writer in the web hosting industry. Visit WebHostingMadness.com to follow his search for the best hosting companies each month.
Không có nhận xét nào:
Đăng nhận xét