Secure Web Hosting
View PDF | Print View
by: Gregory Trune
Total views: 16
Word Count: 1317
Date: Fri, 17 Jun 2011 Time: 10:46 AM
Find out about Secure Sockets Layer and how they can help you:
The World Wide Web is not as safe as it used to be which is due to the amount of data and information online that can be read by other people. There are a large number of people called hackers who uncover secret and confidential data about the people who visit your site. It is even possible for them to obtain information such as credit card details or passwords. Many hackers are able to offer a version of your own website and use this to trick other web users. Their version of your site can be hosted on their own server. This is done to obtain details from them. It is possible to battle these people and this is why SSL or Secure Sockets Layer was created.
The Secure Sockets Layer or SSL is a world wide standard security technology, which is developed by Netscape in 1994. It facilitates to establish an encrypted link between a browser and a web server. This link makes it certain that all the data, which passed between the web server and browser remains secure and private. It is recognized by a secured padlock that appears in the browser of the consumers. This protocol is used by a huge number of e-Business providers in order to shield their customer's important information as well as to ensure that the online transactions remain confidential.
Learn about the SSL Certificate:
If a web server wants to use the Secure Sockets Layer protocol, it will require an SSL Certificates provided by the Certification Authorities (CA). You will have to complete several questions about the identity of your company and website, while you choose to trigger SSL on your web server. The web server then constructs two cryptographic keys i.e. a Public Key and a Private Key. The Public Key is not a furtive. It is placed in a Certificate Signing Request or CSR, which is a data file that contains your details. You then require to submit the CSR. The Certification Authority validates all the details that you have provided in the CSR throughout the SSL Certificate application process. It further allocates an SSL Certificate that contains all your details and thus allows you to use SSL. The issued SSL Certificate is matched to the Private Key by your web server. This will enable your web server to establish an encrypted link between your website and the customer's web browser.
None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.
Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.
There is no doubt that the golden padlock has been accepted by many customers. It is viewed as a symbol of trust for the site. There is little doubt that the e-Business company can use this as an ideal opportunity to encourage trust and additional expenditure from customers and also turn visitors into customers. There are numerous shopping carts or sites that take information from customers and a large percentage utilize the SLL certificates. Nevertheless, users should recall that if confidential information is sent by email, this information is not naturally secured.
Functions that are new to users:
Many users may be aware of the SSL v2 version but the SSL v3 is a much improved version. The SHA-1 based cipher has been added and this offers assistance with regards to authenticating certificates. SSL v2 had some flaws like when cryptographic keys were utilized for both the authenticating messages and encryption. In addition to this, SSL v2 did not provide any level of protection for the handshake, leaving it open to "man in the middle downgrade attacks" occurring without anyone noticing.
Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.
Do you require an SSL Certificate:
Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.
* Those who have online shopping facilities and accept credit cards require the SSL certificate to provide a level of security about customer information.
* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.
* An SSL Certificate helps you to process several sensitive data including date of birth, ID numbers, address, telephone number or license number safely.
* If anyone in your firm utilizes an extranet, the SSL certificate is an additional layer of security from those wanting to hack your site.
Some helpful information about purchasing SSL Certificates:
* The need to balance budget with your requirements is an important factor in which SSL certificate you buy from the numerous providers. There are many different packages available at a whole host of prices. A quick check of the Open Directory Project shows there are 22 third parties and that there in excess of 20 root certificates that can be utilized with Internet Explorer and Firefox. As with most industries though, the genre is dominated by a few firms battling on price.
There was a survey undertaken by Netcraft in 2005 which set out to find the largest vendor that offers SSL certificates. This was followed in January 2007 when Security Space set out to undertake a similar project. This latter survey listed a few firms as being highly rated. These sites include Equifax represented by its GeoTrust subsidiary (www.equifax.com), VeriSign which was represented by the Thawte subsidiary (www.verisign.com), in addition to GoDaddy/Starfield (www.godaddy.com), Digicert (www.digicert.com) as well as Comodo (www.comodo.com).
Although some variance will exist due to the way that markets are measured, is is considered that these 6 companies share roughly 95% of the entire industry. The largest firm with a market share of 72% is Verisign and the next is Comodo which contains about 18% of the market share. This is followed by Geotrust that has just under 3.5% and then Entrust who have 2.5% of the market. The last company is GoDaddy which clocks in at around 1%. The remaining firms contain about 3 to 4% on average.
About the Author
About author: Gregory Trune is a staff writer for WebHostingMadness.com and web hosting industry blogger. Visit WebHostingMadness.com to read his reviews and ratings of the top web hosting companies each month.
Rating: Not yet rated
