Introduction to Secure Socket Layer (SSL)

What is SSL?

Secure Socket Layer (SSL) is a tool that is used to encrypt data that is being transmitted to and from a web server. When a user directs the browser to connect to a web server with SSL, the browser is asked by the server to confirm its identity. The confirmation is typically done by a third party vendor that utilizes cryptography.

Most current browsers are preconfigured to accept secure socket layer authentication through vendors that have been established. Verisign SSL is an example of such established corporations that provide data encryption. This technology is popular in businesses that operate on the Internet such as in e-commerce and internet banking.

Who should use SSL?

Any company that accepts personal information including address, telephone number, date of birth, and credit card information should utilize SSL technologies. The use of cryptography products such as Verisign SSL gives the customers a sense of comfort knowing that their data is safe.

E-commerce and internet bank sites should always use a strong form of secure socket layer as individuals financial information is being passed along in the Internet from the customer to the server. A good rule of thumb to use is would you care if any information you request of your customers is broadcasted for the internet to see.

Are all SSL the same?

Not all SSLs are equal. Depending upon a company's needs, there may be different secure socket layers utilized. A self-signed SSL certificate is one that the server signs without a third party vendor. These SSL certificates are essentially useless as any individual can create them. Domain valid certificates are the base line of SSL certificates that checks to ensure that the certification matches the domain and certificate owner.

The most common SSL is a fully authenticated SSL certificate. This certificate is not immediate, as it requires the third party vendor to ensure that the business, ownership of the domain, and user's authority does exist. Code signed certificates and extended validation SSL certificates are higher levels of encryption that enterprises may wish to choose.

What is required to use SSL?

To utilize a secure socket layer it is required to purchase the service from a third party vendor. This company will create a specific socket layer for your web server, and send it to you where you or your webmaster will install on the server. The only difference that the client will ever notice is the use of 'https: //' instead of the standard 'http: //'