The 411 on SSL Certificates

By Gregory Trune


Find out about Secure Sockets Layer and how they can help you:

The World Wide Web is not as safe as it used to be which is due to the amount of data and information online that can be read by other people. There are a large number of people called hackers who uncover secret and confidential data about the people who visit your site. It is even possible for them to obtain information such as credit card details or passwords. Many hackers are able to offer a version of your own website and use this to trick other web users. Their version of your site can be hosted on their own server. This is done to obtain details from them. It is possible to battle these people and this is why SSL or Secure Sockets Layer was created.

Designed in 1994 by Netscape, SSL has become a security technology that is viewed as the standard around the world. It works by creating a link that is encrypted between the web server and the browser. This makes it possible to secure any information that travels between the browser and server. This process is utilized by a great number of providers of e-Business services as they recognize they need to protect their customers' details. They also know that they have a duty to protect the confidentiality of any shopping that occurs online.

The Certificate for SSL:

If a web server wants to use the Secure Sockets Layer protocol, it will require an SSL Certificates provided by the Certification Authorities (CA). You will have to complete several questions about the identity of your company and website, while you choose to trigger SSL on your web server. The web server then constructs two cryptographic keys i.e. a Public Key and a Private Key. The Public Key is not a furtive. It is placed in a Certificate Signing Request or CSR, which is a data file that contains your details. You then require to submit the CSR. The Certification Authority validates all the details that you have provided in the CSR throughout the SSL Certificate application process. It further allocates an SSL Certificate that contains all your details and thus allows you to use SSL. The issued SSL Certificate is matched to the Private Key by your web server. This will enable your web server to establish an encrypted link between your website and the customer's web browser.

Although these issues can be troublesome, customers are unable to see any of the issues and protocols. There is the provision of the key logo to their browser which guarantees a user they are covered by SSL and an encrypted session. Customers can see their details and SSL certificate by clicking on the lock icon which is provided on the screen. On the whole, SSL certificates are granted to respected and accountable individuals and companies.

Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.

There is no doubt that the golden padlock has been accepted by many customers. It is viewed as a symbol of trust for the site. There is little doubt that the e-Business company can use this as an ideal opportunity to encourage trust and additional expenditure from customers and also turn visitors into customers. There are numerous shopping carts or sites that take information from customers and a large percentage utilize the SLL certificates. Nevertheless, users should recall that if confidential information is sent by email, this information is not naturally secured.

Functions that are new to users:

There is an improved version of SSL v2 and it is called SSL v3. This version offers support for authenticating certificates and it now has SHA-1 based ciphers. It is true that some flaws were in SLL v2 such as when cryptographic keys were indistinguishable in addition to the authentication process for messages. There was also no provision in the previous version to secure the handshake process which meant that a downgrade attack from the "man in the middle" could occur with no one being any the wiser.

Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.

Do you have a need for an SSL Certificate? People who appreciate privacy and ask for it from others need to buy SSL:

* If privacy of others and yourself as well as a need to have trust in your site is important, then the purchase of the SSL certificate is vital.

There is a need for offices that have intranet usage where information is being distributed to obtain an SSL certificate.

* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.

* An SSL Certificate helps you to process several sensitive data including date of birth, ID numbers, address, telephone number or license number safely.

There is also a need to use SSL certificates to fully pass security and privacy requirements.

Some helpful information about purchasing SSL Certificates:

* The Certificate Authority market is quite diverse, but it is better to purchase an SSL Certificate that meets your requirements as well as budget. You can find a number of Secure Sockets Layer Certificate in different price range. The Open Directory Project identifies 22 third parties and offers over 20 root certificates that are included into Firefox and Internet Explorer. However, due to its price, it is dominated only by a few major firms.

There was a survey undertaken by Netcraft in 2005 which set out to find the largest vendor that offers SSL certificates. This was followed in January 2007 when Security Space set out to undertake a similar project. This latter survey listed a few firms as being highly rated. These sites include Equifax represented by its GeoTrust subsidiary (www.equifax.com), VeriSign which was represented by the Thawte subsidiary (www.verisign.com), in addition to GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) as well as Comodo (www.comodo.com).

In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.




About the Author:



0/Post a Comment/Comments

أحدث أقدم