What are SSL and Digital
Secure Socket Layer (SSL) is a protocol developed by
Netscape in 1996, which quickly became the method of choice for securing
data transmissions across the Internet. SSL is an integral part of
most Web browsers and Web servers and makes use of the public-and-private
key encryption system developed by Rivest, Shamir, and Adleman.
In order to make an SSL connection, the SSL protocol
requires that a server should have a digital certificate installed.
A digital certificate is an electronic file that uniquely identifies
individuals and servers. Digital certificates serve as a kind of digital
passport or credential which authenticate the server prior to the
SSL session being established.
Typically, digital certificates are signed by an independent
and trusted third party to ensure their validity. The "signer"
of a certificate is known as a Certification Authority (CA), such
as VeriSign, Thawte, and GeoTrust.
When should SSL be used and what can it secure?
SSL certificates help solve two main online security
• Authentication - proving a company's (or server's)
identity online and in so doing create a sense of trust and confidence
in using a Web site.
• Encryption - offering protection for the data submitted to
a Web site (or between servers) so that in the event of interception,
it will be unintelligible without the unique key used for decryption.
Solving these security problems allows online business
to protect against the following scenarios:
• Spoofing - The low cost of Web site design and ease with which
existing pages can be copied makes it all too easy
to create illegitimate sites that appear to be published by established
organizations. In fact, con artists have illegally
obtained credit card numbers by setting up professional-looking storefronts
that mimic legitimate businesses.
• Unauthorized Disclosure - when information is transmitted
"in the clear", making it possible for hackers to intercept
the transmissions and obtain sensitive information
from customers. • Data alteration - the content of a transaction
can be intercepted and altered en route, either
maliciously or accidentally. User names, credit card, and social security
numbers as well as currency amounts; indeed any information sent "in
the clear" is all vulnerable to alteration.
So what are the practical applications of SSL certificates?
Firstly, looking at categories of data, the most common
deployment is for securing transmission of financial information in
ecommerce. However, with incidence of identity theft on the rise,
protecting the transmission of a broad range of personally identifiable
information is becoming ever more important. This category of data
would include identity and social security numbers, e-mail addresses
and demographic information as well as account registration and login
In terms of applications and protocols, SSL Certificates
can be used to secure the following:
• Web Servers
• Mail Servers
• FTP Sites
• Internet Chat
There are 3 types of SSL Certificates, the big thing
you will learn about SSL Certificates, is that they are not all created
equal, some SSL Certificates are from ROOT companies, like GeoTrust
or VeriSign, that will work in any browser, not matter how old the
computer is. Some of the newer or off brands, do not work in every
browser and do not work in order computers, they give the user a popup
that says the SSL Cert is invalid.
The first type is Basic SSL Cert just gives you the
encryption and shows up secure in the browser, so that you can do
secure connections online.
he second type of SSL Cert assurance, (which can vary
in levels) requires the certificate authority (the company issuing
the certificate, such as GeoTrust or VeriSign) to verify the purchaser's
business and their authority to purchase a certificate on behalf of
that company. Basic SSL certificates only verify the domain ownership
of the purchaser, and thus have much faster turnaround times since
none of the additional information needs to be verified.
The third type of SSL Certificates the most expensive;
that is the SSL Cert that requires more investigation of your company
and you have to be a corporation in order to purchase the cert. For
all the extra research into your company, the top bar in IE turns
green, to let visitors know it is safe. VeriSign started this kind
of cert, they say people look for it and say it makes them feel safer
but as a computer support company, I never have received a question
about it and there has been no consumer information going to consumers
at this time, to tell them what it all means. You will see a lot of
advertising towards consumers to look for the green bar in there browsers.
We sell GeoTrust and VeriSign SSL Certificates.
What I would recommend for a low profile site, is the
basic SSL cert, most people do not even know the difference between
the different SSL Certificates. Our basic is SSL Cert is $29.95 a
year from Geotrust. Geotrust is a nice brand because they are not
over priced root company but still has one of the best brands out.
For the best brand understanding for your customers and the trusted
brand in the industry we recommend VeriSign. Please feel free to give
us a call or email me with any questions or concerns.
A quick and cost effective starter certificate that provides a up
to 256-bit encryption. This new product is perfect
for companies that want to get up and running with SSL quickly and
easily. A low-priced, value-branded SSL
certificate delivered to you within 10 minutes.
$29.99 a Year
$10 K Warranty, One Domain Name, 10 minutes Issuance, Static Site
Seal, 256-bit SSL Encryption, 99% Browser
Compatibility, Browser Security Lock, Free Revocation and Replacement.
$92.99 a Year
GeoTrust QuickSSL Premium
$100 K Warranty, One Domain Name, 10 minutes Issuance, Dynamic Site
Seal, 256-bit SSL Encryption, 99%
Browser Compatibility, Mobile device compatibility, Browser Security
Lock, Free Revocation and Replacement.
$124.99 a Year
GeoTrust True BusinessID with EV
Green Address Bar EV Upgrader $150 K Warranty, One Domain Name, 1
to 10 Days Issuance, Dynamic Site Seal,
256-bit SSL Encryption, 99% Browser Compatibility, Mobile device compatibility,
Browser Security Lock, Free
Revocation and Replacement.
$433.65 a year