Cryptography Knowledge Base : SSL
SSL (Secure Sockets Layer)
is a protocol first designed by Netscape. It specifies a platform and
application independent way of establishing and using a secure internet
line. What this means is that it doesn't matter where the protocol is
implemented (on UNIX, Windows or MacOS), the same implementation
is used. This is ideal for many reasons, the main one being interoperability.
For example, people using different programs, on different Operating
Systems, can communicate freely. There is also no charge for implementing
it, which encourages its free use by the software community.
It operates on two levels: At the first level it provides basic communication
services over a system such as TCP/IP. This provides a basic platform from
which the second level works. The second level consists of a set of protocols
which allow various communication hurdles to be overcome. For example, the "Handshake" protocol
allows the establishment of a session key (see a better breed and symmetric
encryption) and authentication, or proof that both server and client are
who they say they are (see digital signatures).
SSL Certificates hold information about web servers. They contain
information about the owners of the certificates, the server to which the
certificate was sold, when it was sold and when it expires. They facilitate
the secure transmission of information and the authentication (identification)
Cryptography FAQs : About
What's this "Secure Web Site" all about?
Web browsers can operate
in "normal" mode and in "secure" mode. You can tell which mode your browser
is in by looking at the toolbar at the bottom of the browser window. If
you see a broken key, or an open padlock, you are in normal mode. If the
key is whole, or the padlock is closed, you are in "secure" mode.
When you surf the Net in "normal" mode, all of the information you type
into your browser and all the information the Web site sends to you are
visible to eavesdroppers. When your browser is in "secure" mode it encrypts
all the information between itself and the server. Encrypted information
looks like meaningless garbage to eavesdroppers, so your personal information
What is a Digital Certificate?
A digital certificate contains
the name of a company, Web site or individual, along with a cryptographic
key that can be used to encrypt information that must be sent to that individual.
When your browser switches into secure mode, it asks the Web site to present
its certificate. The browser decides whether or not it trusts the certificate
by looking at who issued it. If the browser trusts the certificate (as
it does those issued by Thawte), then it will encrypt all communications
with that Web site, using the cryptographic key in the certificate.
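The issuer check described above can be reproduced with the openssl command-line tool. This is an added example, not part of the original FAQ: the names demo-ca, other-ca and www.example.test are constructed, and a single CA file stands in for the browser's list of trusted issuers.

```shell
#!/bin/sh
# Added example. demo-ca, other-ca and www.example.test are constructed names.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: create a self-signed CA certificate (an issuer).
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_cert CA HOST: make a key and signing request for HOST, signed by CA.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$WORK/$2.csr" -days 7 -CAcreateserial \
        -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" -out "$WORK/$2.pem" 2>/dev/null
}

# show_cert HOST: print who the certificate names, who issued it, and its dates.
show_cert() {
    openssl x509 -in "$WORK/$1.pem" -noout -subject -issuer -dates
}

# trusted_by CA HOST: succeed only if HOST's certificate was signed by CA,
# where CA stands in for the browser's list of trusted issuers.
trusted_by() {
    openssl verify -CAfile "$WORK/$1.pem" "$WORK/$2.pem" >/dev/null 2>&1
}

make_ca demo-ca && make_ca other-ca && issue_cert demo-ca www.example.test
show_cert www.example.test
trusted_by demo-ca www.example.test && echo "issuer trusted: use secure mode"
trusted_by other-ca www.example.test || echo "issuer not trusted: warn the user"
```

The same certificate is accepted or rejected depending only on which issuer the verifier already trusts, which is why the contents of the trust list matter as much as the certificate itself.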
What else can certificates be used for?
Certificates can be used
to make Web servers run in secure mode. They can also be used to sign and
encrypt email messages, and to digitally sign software so that it will
What is a Certificate Authority?
Thawte is a certificate
authority! The CA, or certificate authority, signs certificates. Thawte
is a global CA, with offices and representatives in more than 20 countries.
We issue digital certificates to many of the Web servers doing e-commerce
today, and have issued tens of thousands of certificates to people securing
their email, too.