Ms. Asha Bora continuing with the SSL Security..
In my last article I wrote about “what is SSL Security?” I hope you all have understood it.. So now continuing with SSL Security, lets discuss about “How SSL Works?”
As I had written earlier, Secure Sockets Layer (SSL) technology protects our Web site. Also it makes it easy for our Web site visitors to trust us in the following three essential ways:
In my last article I wrote about “what is SSL Security?” I hope you all have understood it.. So now continuing with SSL Security, lets discuss about “How SSL Works?”
As I had written earlier, Secure Sockets Layer (SSL) technology protects our Web site. Also it makes it easy for our Web site visitors to trust us in the following three essential ways:
- An SSL Certificate enables encryption of sensitive information during online transactions.
- Each SSL Certificate contains unique, authenticated information about the certificate owner.
- A Certificate Authority verifies the identity of the certificate owner when it is issued.
Now the question arises: How Encryption Works?
Suppose we are sending a mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might even take it or change it.
Our postage of data on the internet is just as unsafe as this envelope is. An SSL Certificate actually protects our data. It establishes a private communication channel enabling encryption of the data during transmission. Encryption jumbles the data, in order to create an envelope for message privacy.
As I had mentioned earlier, each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it.
When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin.
How Authentication Works?
Just think of receiving an envelope with no return address, containing a form asking for our bank account number.
Here also, SSL comes to the rescue.. Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. When the SSL handshake (Exchange of information) occurs, the browser requires authentication information from the server.
By clicking the closed padlock in the browser window or certain SSL trust marks the Web site visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning.
Why Authentication Matters?
Like a passport or a driving license, an SSL Certificate is issued by a trusted source, known as the Certificate Authority (CA). Many CAs simply verify the domain name and issue the certificate.
This was all about the working of SSL security.. In my next article I will be dealing with “FAQ’s on SSL”.
References :
Suppose we are sending a mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might even take it or change it.
Our postage of data on the internet is just as unsafe as this envelope is. An SSL Certificate actually protects our data. It establishes a private communication channel enabling encryption of the data during transmission. Encryption jumbles the data, in order to create an envelope for message privacy.
As I had mentioned earlier, each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it.
When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin.
How Authentication Works?
Just think of receiving an envelope with no return address, containing a form asking for our bank account number.
Here also, SSL comes to the rescue.. Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. When the SSL handshake (Exchange of information) occurs, the browser requires authentication information from the server.
By clicking the closed padlock in the browser window or certain SSL trust marks the Web site visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning.
Why Authentication Matters?
Like a passport or a driving license, an SSL Certificate is issued by a trusted source, known as the Certificate Authority (CA). Many CAs simply verify the domain name and issue the certificate.
This was all about the working of SSL security.. In my next article I will be dealing with “FAQ’s on SSL”.
References :
- www.verisign.com/ssl/
No comments:
Post a Comment