What is Secure Web Hosting and SSL and what are their benefits:
With people having the ability to read the information of other folk, the Internet is not as safe as it once was. Hackers are people who are able to uncover the information that people pass on websites. It is also possible for them to get hold of confidential data like credit card details or passwords. Many hackers also have the ability to offer their own version of another person's website and this can be hosted on their own server. This is done to fool customers who may be unaware of these issues. The majority of hackers act to obtain information that is of value and interest about people. One way of combating these hackers is by using the Secure Sockets Layer or SSL.
The Secure Sockets Layer or SSL is a world wide standard security technology, which is developed by Netscape in 1994. It facilitates to establish an encrypted link between a browser and a web server. This link makes it certain that all the data, which passed between the web server and browser remains secure and private. It is recognized by a secured padlock that appears in the browser of the consumers. This protocol is used by a huge number of e-Business providers in order to shield their customer's important information as well as to ensure that the online transactions remain confidential.
SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
The usual information contained within an SSL Certificate will usually provide country, state, city, and address, name of the company and the domain name of the site. The expiration date of the certificate will also be included as will further information about the Certification Authority that holds the responsibility for issuing the certificates. If the browser of the visitor connects to the secured site, the SSL certificate will be unable to retrieve the SSL certificate from the site. A quick search in the veracity of the sites SSL certificate will be undertaken and that it has been allocated to the website claiming it is for. Another check will also be undertaken on the date of expiry for the certificate. If for any reason the certificate does not pass all the questions asked of it, there will be a warning displayed to the final user.
The golden padlock which appears on the browser has generated a higher degree of confidence amongst shoppers and is recognized as a symbol of trust. This has been taken on by many electronic business providers in an attempt to convince customers to shop with them. A whole host of shopping carts and commercial sites now offer shoppers the facility of securing their information through use of the SSL certificates. One thing to remember though is that if this information is then emailed to you, the information contained within the email is not secure.
The new functions:
Many users may be aware of the SSL v2 version but the SSL v3 is a much improved version. The SHA-1 based cipher has been added and this offers assistance with regards to authenticating certificates. SSL v2 had some flaws like when cryptographic keys were utilized for both the authenticating messages and encryption. In addition to this, SSL v2 did not provide any level of protection for the handshake, leaving it open to "man in the middle downgrade attacks" occurring without anyone noticing.
Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.
Do you require an SSL Certificate:
* If privacy of others and yourself as well as a need to have trust in your site is important, then the purchase of the SSL certificate is vital.
* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.
* SSL Certificates can be a useful tool in an office if confidential data is placed on an intranet system.
For businesses that have a number of partners who share and provide information on an extranet system, having an SSL certificate is able to offer more protection from hackers.
There is also a need to use SSL certificates to fully pass security and privacy requirements.
Some helpful information about purchasing SSL Certificates:
Although the Certificate Authority is an extremely wide one, there is a need to consider your requirements and budget before choosing who to buy from. There are a lot of SSL certificate firms that are able to meet many price ranges. There are 22 separate their parties who can be found from checking the Open Directory Project and there are also well over 20 root certificates that can be found in Internet Explorer and Firefox. The market however is dominated by a few firms and this is mainly down to pricing issues.
There was a survey undertaken by Netcraft in 2005 which set out to find the largest vendor that offers SSL certificates. This was followed in January 2007 when Security Space set out to undertake a similar project. This latter survey listed a few firms as being highly rated. These sites include Equifax represented by its GeoTrust subsidiary (www.equifax.com), VeriSign which was represented by the Thawte subsidiary (www.verisign.com), in addition to GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) as well as Comodo (www.comodo.com).
In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.
With people having the ability to read the information of other folk, the Internet is not as safe as it once was. Hackers are people who are able to uncover the information that people pass on websites. It is also possible for them to get hold of confidential data like credit card details or passwords. Many hackers also have the ability to offer their own version of another person's website and this can be hosted on their own server. This is done to fool customers who may be unaware of these issues. The majority of hackers act to obtain information that is of value and interest about people. One way of combating these hackers is by using the Secure Sockets Layer or SSL.
The Secure Sockets Layer or SSL is a world wide standard security technology, which is developed by Netscape in 1994. It facilitates to establish an encrypted link between a browser and a web server. This link makes it certain that all the data, which passed between the web server and browser remains secure and private. It is recognized by a secured padlock that appears in the browser of the consumers. This protocol is used by a huge number of e-Business providers in order to shield their customer's important information as well as to ensure that the online transactions remain confidential.
SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
The usual information contained within an SSL Certificate will usually provide country, state, city, and address, name of the company and the domain name of the site. The expiration date of the certificate will also be included as will further information about the Certification Authority that holds the responsibility for issuing the certificates. If the browser of the visitor connects to the secured site, the SSL certificate will be unable to retrieve the SSL certificate from the site. A quick search in the veracity of the sites SSL certificate will be undertaken and that it has been allocated to the website claiming it is for. Another check will also be undertaken on the date of expiry for the certificate. If for any reason the certificate does not pass all the questions asked of it, there will be a warning displayed to the final user.
The golden padlock which appears on the browser has generated a higher degree of confidence amongst shoppers and is recognized as a symbol of trust. This has been taken on by many electronic business providers in an attempt to convince customers to shop with them. A whole host of shopping carts and commercial sites now offer shoppers the facility of securing their information through use of the SSL certificates. One thing to remember though is that if this information is then emailed to you, the information contained within the email is not secure.
The new functions:
Many users may be aware of the SSL v2 version but the SSL v3 is a much improved version. The SHA-1 based cipher has been added and this offers assistance with regards to authenticating certificates. SSL v2 had some flaws like when cryptographic keys were utilized for both the authenticating messages and encryption. In addition to this, SSL v2 did not provide any level of protection for the handshake, leaving it open to "man in the middle downgrade attacks" occurring without anyone noticing.
Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.
Do you require an SSL Certificate:
* If privacy of others and yourself as well as a need to have trust in your site is important, then the purchase of the SSL certificate is vital.
* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.
* SSL Certificates can be a useful tool in an office if confidential data is placed on an intranet system.
For businesses that have a number of partners who share and provide information on an extranet system, having an SSL certificate is able to offer more protection from hackers.
There is also a need to use SSL certificates to fully pass security and privacy requirements.
Some helpful information about purchasing SSL Certificates:
Although the Certificate Authority is an extremely wide one, there is a need to consider your requirements and budget before choosing who to buy from. There are a lot of SSL certificate firms that are able to meet many price ranges. There are 22 separate their parties who can be found from checking the Open Directory Project and there are also well over 20 root certificates that can be found in Internet Explorer and Firefox. The market however is dominated by a few firms and this is mainly down to pricing issues.
There was a survey undertaken by Netcraft in 2005 which set out to find the largest vendor that offers SSL certificates. This was followed in January 2007 when Security Space set out to undertake a similar project. This latter survey listed a few firms as being highly rated. These sites include Equifax represented by its GeoTrust subsidiary (www.equifax.com), VeriSign which was represented by the Thawte subsidiary (www.verisign.com), in addition to GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) as well as Comodo (www.comodo.com).
In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.
About the Author:
About author: Gregory Trune is a professional writer in the web hosting industry. Visit WebHostingMadness.com to follow his search for the best hosting companies each month.
No comments:
Post a Comment