Secure Sockets Layer (SSL) is the standard security technology for establishing an encrypted connection between a web server and a browser. It is an industry standard that protects online e-commerce transactions and communication and prevents eavesdropping. It requires a private and public key pair and an SSL certificate: an authenticated confirmation of the server's identity by an issuing authority.
SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines variables of the encryption for both the link and the data being transmitted.
Internet users have come to associate their online security with the lock icon that comes with an SSL-secured website or green address bar that comes with an extended validation SSL-secured website. SSL-secured websites also begin with https rather than http.
Digital Certificates are verifiable small data files that contain identity credentials to help websites, people, and devices represent their authentic online identity.
The Secure Sockets Layer Protocol was adopted by Netscape in 1994 as a response to the growing concern over Internet security. Netscape’s goal was to create an encrypted data path between a client and a server that was platform or OS agnostic.
Netscape also embraced SSL to take advantage of new encryption schemes such as the recent adoption of the Advanced Encryption Standard (AES), considered more secure than the Data Encryption Standard (DES).
Certification authorities play a key role in establishing trust in online identities. Since a digital certificate is a statement of the identity of the entity or individual who wishes to be authenticated, a trusted third party is needed to validate the identity attached to the certificate. This third party is the certificate authority whose responsibility it is to deliver authenticated identity trust assurance for online entities.
Certificate authorities (CAs) sit at the apex of the root of trust that allows the secure web, email, and other connections that underlie commerce, government, online communities, and everything else to function without effective interception by outside parties.
There are three types of files associated with an SSL certificate key pair:
The key to understanding how SSL works is to understand the elements that take part in the process. A key element of SSL is the SSL certificate. A public-key certificate, usually just called a certificate, is a digitally signed document that ties the value of the public key to the identity of the server service that holds the corresponding private key.
Typically, a certificate contains the following information:
There are many certificate types or standards, e.g. X.509, PKIX Certificate, and various encodings, e.g. DER, PEM, CRT, CER.
Some popular Certificate Authorities:
Main browsers recognized Certificate Authorities (CAs) list:
The most important and complicated part of SSL is the SSL handshake protocol. This protocol allows both ends to connect to each other, authenticate each other, negotiate encryption and exchange packets. It consists of a series of messages transferred between a server and a client.
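The series of handshake messages can be read directly from the record framing, which is useful when inspecting a capture. The following is an added example, not part of the original page: it parses record-layer headers and lists the handshake messages they carry. It assumes plaintext handshake records with no message split across records; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Handshake message types defined for SSL 3.0 and TLS 1.0-1.2.
HANDSHAKE_TYPES = {
    0: "hello_request", 1: "client_hello", 2: "server_hello",
    11: "certificate", 12: "server_key_exchange", 13: "certificate_request",
    14: "server_hello_done", 15: "certificate_verify",
    16: "client_key_exchange", 20: "finished",
}
HANDSHAKE = 22  # record-layer content type for handshake data

def record(version, body, content_type=HANDSHAKE):
    """Record layer framing: type(1) | version(2) | length(2) | body."""
    return struct.pack("!BHH", content_type, version, len(body)) + body

def handshake(msg_type, payload=b""):
    """Handshake framing: msg_type(1) | length(3) | payload."""
    return bytes([msg_type]) + len(payload).to_bytes(3, "big") + payload

def parse_handshake_flight(data):
    """Return [(version, message_name, payload_len)]; ValueError if truncated."""
    out, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 5:
            raise ValueError("truncated record header")
        ctype, version, length = struct.unpack_from("!BHH", data, pos)
        body = data[pos + 5:pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        pos += 5 + length
        if ctype != HANDSHAKE:
            continue  # alert, change_cipher_spec or application data
        off = 0
        while off < len(body):
            if len(body) - off < 4:
                raise ValueError("truncated handshake header")
            mlen = int.from_bytes(body[off + 1:off + 4], "big")
            if off + 4 + mlen > len(body):
                raise ValueError("handshake message exceeds its record")
            out.append((version, HANDSHAKE_TYPES.get(body[off], "unknown"), mlen))
            off += 4 + mlen
    return out

# Constructed sample: one client record, then one server record carrying three
# messages. Payloads are placeholder zero bytes, not real message bodies.
SSL3 = 0x0300
SAMPLE = record(SSL3, handshake(1, b"\x00" * 40)) + record(
    SSL3, handshake(2, b"\x00" * 38) + handshake(11, b"\x00" * 7) + handshake(14))
print(parse_handshake_flight(SAMPLE))
```

Messages sent after the cipher change (such as finished) are encrypted on the wire, so their bodies will not parse as handshake framing.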