What is Secure Web Hosting and SSL and what are their benefits:
The World Wide Web is not as safe as it used to be which is due to the amount of data and information online that can be read by other people. There are a large number of people called hackers who uncover secret and confidential data about the people who visit your site. It is even possible for them to obtain information such as credit card details or passwords. Many hackers are able to offer a version of your own website and use this to trick other web users. Their version of your site can be hosted on their own server. This is done to obtain details from them. It is possible to battle these people and this is why SSL or Secure Sockets Layer was created.
The Secure Sockets Layer or SSL is a world wide standard security technology, which is developed by Netscape in 1994. It facilitates to establish an encrypted link between a browser and a web server. This link makes it certain that all the data, which passed between the web server and browser remains secure and private. It is recognized by a secured padlock that appears in the browser of the consumers. This protocol is used by a huge number of e-Business providers in order to shield their customer's important information as well as to ensure that the online transactions remain confidential.
Learn about the SSL Certificate:
A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.
Although these issues can be troublesome, customers are unable to see any of the issues and protocols. There is the provision of the key logo to their browser which guarantees a user they are covered by SSL and an encrypted session. Customers can see their details and SSL certificate by clicking on the lock icon which is provided on the screen. On the whole, SSL certificates are granted to respected and accountable individuals and companies.
Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.
The consumers are now much more comfortable with the golden padlock, which appears within their browser display. It is now considered as an indication of trust in the web site. In fact, this simple fact gives an e-Business provider an opportunity to influence the increased trust level in order to transform visitors into paying customers. All kinds of ecommerce shopping carts and sites that allow you to collect secure information on your website use SSL Certificates. However, it is also essential to keep in mind that while you use a secure server certificate with a form and get the result emailed to you, the email is not secure at all.
Brand new functions:
There is an improved version of SSL v2 and it is called SSL v3. This version offers support for authenticating certificates and it now has SHA-1 based ciphers. It is true that some flaws were in SLL v2 such as when cryptographic keys were indistinguishable in addition to the authentication process for messages. There was also no provision in the previous version to secure the handshake process which meant that a downgrade attack from the "man in the middle" could occur with no one being any the wiser.
Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.
Do you require an SSL Certificate:
* If privacy of others and yourself as well as a need to have trust in your site is important, then the purchase of the SSL certificate is vital.
There is a need for offices that have intranet usage where information is being distributed to obtain an SSL certificate.
* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.
For businesses that have a number of partners who share and provide information on an extranet system, having an SSL certificate is able to offer more protection from hackers.
* If in case your business partners log in to private information on an extranet, an SSL Certificate helps you to protect them from hackers.
Some helpful information about purchasing SSL Certificates:
* The Certificate Authority market is quite diverse, but it is better to purchase an SSL Certificate that meets your requirements as well as budget. You can find a number of Secure Sockets Layer Certificate in different price range. The Open Directory Project identifies 22 third parties and offers over 20 root certificates that are included into Firefox and Internet Explorer. However, due to its price, it is dominated only by a few major firms.
* A survey undertaken in June of 2005 by Netcraft set out to find the names of the biggest providers of SSL certificates. This was backed up in 2007 when Security Space attempted a similar search. The top ranker was found to be Equifax, through its Geotrust arm (www.equifax.com), the next was VeriSign plus which utilized their Thawte subsidiary (www.verisign.com) as well as GoDaddy/Starfield (www.godaddy.com),, Comodo (www.comodo.com) and Digicert (www.digicert.com).
In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.
About the Author:
Published with permission from WebHostingMadness.com. WebHostingMadness.com provides comprehensive reviews and ratings of the best hosting companies on the Internet.
No comments:
Post a Comment