An Explanation of SSL Certificates

Find out about Secure Sockets Layer and how they can help you:

Internet is no longer a safe place, as information passed on through online can also be read by other people. There are a number of malevolent people known as hackers, who can easily reveal the confidential information that visitors exchange with your website. They can even obtain these types of sensitive information such as, passwords or credit card numbers. It is also possible that these hackers present a customized version of your website, which is hosted on their server to your innocent customers. In most of the cases, this is done to collect some confidential and important information from them. To fight against these hackers, a special Internet protocol called Secure Sockets Layer or SSL was created and thus secure web hosting was born .

The Secure Sockets Layer or SSL is a world wide standard security technology, which is developed by Netscape in 1994. It facilitates to establish an encrypted link between a browser and a web server. This link makes it certain that all the data, which passed between the web server and browser remains secure and private. It is recognized by a secured padlock that appears in the browser of the consumers. This protocol is used by a huge number of e-Business providers in order to shield their customer’s important information as well as to ensure that the online transactions remain confidential.

SSL Certificate:

If a web server wants to use the Secure Sockets Layer protocol, it will require an SSL Certificates provided by the Certification Authorities (CA). You will have to complete several questions about the identity of your company and website, while you choose to trigger SSL on your web server. The web server then constructs two cryptographic keys i.e. a Public Key and a Private Key. The Public Key is not a furtive. It is placed in a Certificate Signing Request or CSR, which is a data file that contains your details. You then require to submit the CSR. The Certification Authority validates all the details that you have provided in the CSR throughout the SSL Certificate application process. It further allocates an SSL Certificate that contains all your details and thus allows you to use SSL. The issued SSL Certificate is matched to the Private Key by your web server. This will enable your web server to establish an encrypted link between your website and the customer’s web browser.

However, all these complex procedures of the SSL protocol remain undetectable to the customers. What their browser provides to them is a key indicator that helps to let them know they are well protected by an SSL encrypted session. There is a lock icon in the lower right hand corner of your customer’s browser by clicking which, your SSL Certificate and all other details are displayed. Generally, all these SSL Certificates are allotted to registered companies and to legally accountable individuals.

These SSL Certificates usually contains your company name, domain name, and your address, city, pin code, state and country. It further includes the expiration date of the Certificate as well as the other details of the Certification Authority, who is in charge for the issuance of the Certificate. Whenever the browser connects to a secure site, your SSL Certificate will recover the site’s SSL Certificate. It will check that the other site’s SSL Certificate has been issued by a trustworthy Certification Authority and that it is being utilized by the website for which it has been allotted. It will also check the expiry date of that certificate. If the other certificate fails on any one of these checks, the browser will display a warning message to the end user.

The consumers are now much more comfortable with the golden padlock, which appears within their browser display. It is now considered as an indication of trust in the web site. In fact, this simple fact gives an e-Business provider an opportunity to influence the increased trust level in order to transform visitors into paying customers. All kinds of ecommerce shopping carts and sites that allow you to collect secure information on your website use SSL Certificates. However, it is also essential to keep in mind that while you use a secure server certificate with a form and get the result emailed to you, the email is not secure at all.

The new functions:

The SSL v3 has been recently introduced and is an improved version of upon SSL v2. It has been added with SHA-1 based ciphers and provides support for certificate authentication. There were certain flaws in the SSL v2, where indistinguishable cryptographic keys were used for encryption as well as for message authentication. Moreover, the former version had no protection for the handshake, which implies a “Man-in-the-middle downgrade attack” could even go unnoticed.

Another interesting progression has been TLS (Transport Layer Security) superseding SSL. There is no doubt that TLS has been heavily influenced by SSL and is viewed as a key player in Microsoft and Netscape browsers in addition to a whole host web serving products. Today, the SLL utilizes public as well as private keys to provide an encryption service from the RSA that allows users to have a digital certificate.

Do you require an SSL Certificate:

Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.

* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.

* SSL Certificates can be a useful tool in an office if confidential data is placed on an intranet system.

* If you process data like date of births, addresses, telephone numbers, licenses or ID numbers then as SSL certificate is required to process this securely.

* If in case your business partners log in to private information on an extranet, an SSL Certificate helps you to protect them from hackers.

Some helpful information about purchasing SSL Certificates:

* The need to balance budget with your requirements is an important factor in which SSL certificate you buy from the numerous providers. There are many different packages available at a whole host of prices. A quick check of the Open Directory Project shows there are 22 third parties and that there in excess of 20 root certificates that can be utilized with Internet Explorer and Firefox. As with most industries though, the genre is dominated by a few firms battling on price.

* Netcraft conducted a survey in June 2005 to enlist the largest vendors providing SSL Certificates. The Security Space made similar tallies in January 2007, according to which the major vendors are Equifax via its GeoTrust subsidiary (www.equifax.com), VeriSign plus through its Thawte subsidiary (www.verisign.com), GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) and Comodo (www.comodo.com).

In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.