What's so great about SSL?

Posted On 2010-03-16 by FortyPoundHead
Keywords: Security SSL TLS Secure Sockets Online Credit Origins
Tags: Security Tutorial 
Views: 1569

Been wondering about the security of your online transactions? The SSL, or Secure Sockets Layer, has you covered.

Today just about any form of activity can be performed via web sites, from applying for a loan or credit card to purchasing items with those credit cards. A surprising amount of personal and confidential data is now transmitted from user's browsers to web sites all over the world. Within a short time of all data being transmitted in plain text using HTTP on TCP port 80 it became clear that more secure ways of interacting over the internet were needed.

Secure Sockets Layer (SSL) is a secure protocol developed by Netscape Communications for the encryption of data transmitted over the internet. The Internet Engineering Task Force (IETF) adopted SSL in 1996 and named it Transport Layer Security (TLS). TLS is equivalent to SSL 3.0 (although TLS and SSL are not interchangeable).

Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin. True 128-bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them.

Imagine receiving an envelope with no return address and a form asking for your bank account number. Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. When the SSL handshake occurs, the browser requires authentication information from the server. By clicking the closed padlock in the browser window or certain SSL trust marks, the Web site visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning.

About the Author

FortyPoundHead has posted a total of 1974 articles.

Comments On This Post

No comments on this post yet!

Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.

Your IP address is:

Before you can post, you need to prove you are human. If you log in, this test goes away.

Code Links