A Brief SSL Primer

Have you ever ordered products over the web? Ever noticed the little lock icon in the corner of the browser window? It’s actually surprising how little we know about the security we rely on to keep our transactions secure. SSL is what protects the majority of our online transactions.

But first – SSL stands for Secure Sockets Layer, a protocol written by Netscape in the 1990s for the Netscape Navigator browser. This browser was the very first to offer secure and reliable e-commerce features. It addressed the problem that anyone could spy on your communications while you browsed the web. The issue is mainly due to the complete lack of security in the HTTP protocol, which means that it is not safe to send your credit card or any personal details across the web.

Netscape designed this first protocol to allow two computers to talk securely to each other. This made it impossible for anyone apart from the two computers involved to read the messages being sent.

The way it works is for the owner of the web server to get what’s called a digital certificate from a company called a certification authority (CA). Each certificate comes with a link to the company that issued it, and eventually ends at what’s called a “root” CA.

Every browser has a list of CAs that are considered “trustworthy.” When you make a secure connection to a web server that has a digital certificate, your browser traces up what’s called the “chain of authority” – checking each certificate to see if the CA that issued it is in the list. If the browser gets all the way back to the root CA without finding it in the list, you get a warning that this certificate is not trusted.

When a certificate is not trusted, you don’t know for sure that the information listed in the certificate – the company name, address, phone number, etc. – is accurate. Trusted CAs verify business licenses and contact information. Other CAs may not. But even if the contact information isn’t verified, the traffic between your browser and the web server is secure from eavesdroppers.

Once the browser has established that you want to trust this web site’s certificate, whether because the CA is in the browser’s list or you confirm your trust in the warning dialog, the two computers will exchange “keys.”

A “key” is just a large number that is mathematically related to another number in a very specific way. The way these numbers are chosen is complex; explanations of the process tend to start with things like “Agree on a finite cyclic group G with a generating element g in G.”

Many people seeking to understand cryptography find it easier to pretend it’s magic!

Each computer will create two keys. The special mathematical relationship of these keys guarantees that any data encrypted with one key can only be decrypted with the other. One of these keys is kept secret, and the second is sent to the other machine.

Once the keys are exchanged, each machine uses its own secret key and the key received from the other machine to encrypt any data it sends. When the other machine receives the data, it will decrypt the data using the two keys it has.

Because the keys will only decrypt data encrypted with the matching keys, each machine knows both that the message came from the same machine, and that it was intended for this machine. This ensures that the data is secure and nobody can intercept it.
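The "finite cyclic group G" quotation above is how descriptions of Diffie-Hellman key agreement typically begin, and the exchange of one secret and one shared number per machine can be sketched with it. The following is an added example, not code from the original post; the group parameters `P` and `G` and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy parameters, assumed for this demo only: P = 2**127 - 1 is prime but far
# too small for real use, and G = 3 is an arbitrary base. Real TLS stacks use
# standardized large groups or elliptic curves.
P = 2**127 - 1
G = 3


def make_keypair():
    """Create the two related numbers: a secret exponent and G^secret mod P."""
    while True:
        secret = secrets.randbelow(P - 3) + 2        # 2 <= secret <= P - 2
        public = pow(G, secret, P)
        if 2 <= public <= P - 2:                     # never publish a degenerate value
            return secret, public


def check_public(value):
    """Reject peer values (0, 1, P - 1, out of range) that force a guessable result."""
    if not isinstance(value, int) or not 2 <= value <= P - 2:
        raise ValueError("peer sent an invalid public value")
    return value


def shared_key(own_secret, peer_public):
    """Mix our secret with the peer's public value; hash the result to 32 bytes."""
    s = pow(check_public(peer_public), own_secret, P)
    return hashlib.sha256(s.to_bytes(16, "big")).digest()


if __name__ == "__main__":
    browser_secret, browser_public = make_keypair()
    server_secret, server_public = make_keypair()
    # Only the public halves cross the network.
    k_browser = shared_key(browser_secret, server_public)
    k_server = shared_key(server_secret, browser_public)
    print("keys match:", k_browser == k_server)
```

The exchange by itself does not tell either side who sent the public value; tying it to an identity is the job of the certificate check described earlier.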

