An Explanation of SSL Certificates
submitted: Sep 21st 2008 |
by: MattHedges |
Total views: 2 |
Word Count: 1278 |
| 
Find out what Secure Sockets Layer is and how it can benefit you:
Internet is no longer a safe place, as information passed on through online can also be read by other people. There are a number of malevolent people known as hackers, who can easily reveal the confidential information that visitors exchange with your website. They can even obtain these types of sensitive information such as, passwords or credit card numbers. It is also possible that these hackers present a customized version of your website, which is hosted on their server to your innocent customers. In most of the cases, this is done to collect some confidential and important information from them. To fight against these hackers, a special Internet protocol called Secure Sockets Layer or SSL was created and thus secure web hosting was born .
Since 1994 when it was developed by Netscape, the SSL has developed into a security technology that is now recognized as an standard across the world. It works in a way to ensure that a secure link between a server and a browser. All OF this adds up to making sure that any information that is passed between parties remains secure. The security can be seen the padlock emblem that appears on screen. Many e-Business companies appreciate this opportunity to safeguard the information of their customers as well as ensuring the confidentiality of any transactions that take place
SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.
There is no doubt that the golden padlock has been accepted by many customers. It is viewed as a symbol of trust for the site. There is little doubt that the e-Business company can use this as an ideal opportunity to encourage trust and additional expenditure from customers and also turn visitors into customers. There are numerous shopping carts or sites that take information from customers and a large percentage utilize the SLL certificates. Nevertheless, users should recall that if confidential information is sent by email, this information is not naturally secured.
The new functions:
Many users may be aware of the SSL v2 version but the SSL v3 is a much improved version. The SHA-1 based cipher has been added and this offers assistance with regards to authenticating certificates. SSL v2 had some flaws like when cryptographic keys were utilized for both the authenticating messages and encryption. In addition to this, SSL v2 did not provide any level of protection for the handshake, leaving it open to "man in the middle downgrade attacks" occurring without anyone noticing.
Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.
Do you have a need for an SSL Certificate? People who appreciate privacy and ask for it from others need to buy SSL:
* You will need to purchase the Secure Sockets Layer Certificate if you value privacy and expect others to trust your website and service.
There is a need for offices that have intranet usage where information is being distributed to obtain an SSL certificate.
If you have a need to process information such as telephone numbers, ID numbers, license numbers, date of births or addresses then an SSL certificate can aid this process.
* An SSL Certificate helps you to process several sensitive data including date of birth, ID numbers, address, telephone number or license number safely.
* If anyone in your firm utilizes an extranet, the SSL certificate is an additional layer of security from those wanting to hack your site.
Beneficial data to consider when buying SSL Certificates:
Although the Certificate Authority is an extremely wide one, there is a need to consider your requirements and budget before choosing who to buy from. There are a lot of SSL certificate firms that are able to meet many price ranges. There are 22 separate their parties who can be found from checking the Open Directory Project and there are also well over 20 root certificates that can be found in Internet Explorer and Firefox. The market however is dominated by a few firms and this is mainly down to pricing issues.
* A survey undertaken in June of 2005 by Netcraft set out to find the names of the biggest providers of SSL certificates. This was backed up in 2007 when Security Space attempted a similar search. The top ranker was found to be Equifax, through its Geotrust arm (www.equifax.com), the next was VeriSign plus which utilized their Thawte subsidiary (www.verisign.com) as well as GoDaddy/Starfield (www.godaddy.com),, Comodo (www.comodo.com) and Digicert (www.digicert.com).
In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.
About the Author
About the author: Matt Hedges, 12 year veteran of the web hosting industry, helps small business owners find the best hosting companies on the Internet. Hedges is the head staff writer for WebHostingMadness.com, a web hosting review site.
Comments
No comments posted.
You do not have permission to comment. If you log in, you may be able to comment.
