SSL and S-HTTP: “Website Security for sending confidential information over World Wide Web”

by brenz | 0 comment

SSL is the short term for Secure Sockets Layer. It is a protocol designed to enable applications to transmit information back and forth securely. Applications that used Secure Sockets layer protocol inherently know how to give and receive encryption keys with other applications, as well as how to encrypt and decrypt data sent between the two. While the S-HTTP is an extension protocol of HTTP to support sending data over World Wide Web. Not all Web browsers and servers support S-HTTP. SSL and S-HTTP have very different designs and goals so it is possible to use the two protocols together. Both protocols have been submitted to the Internet Engineering Task Force (IETF) for approval as a standard.

Some applications that are configured to run SSL include web browsers like FireFox, Internet Explorer, and Google Chrome, email programs like Outlook, Mozilla Thunderbird, Apple Mail app., and Secure File Protocol programs, etc. These programs are able to automatically receive SSL connections. To establish a secure SSL connection, however, your application must first have an encryption key assigned to it by a Certification Authority in the form of a Certificate. Once it has a unique key of its own, you can establish a secure connection using the SSL protocol.

These Technologies are mostly used in e-commerce and banking sites to avoid stealing information from the user. Web browsers automatically notify users when connections are insecure. Your potential E-commerce customers and online banking transactions are used to secure shopping and banking process, and will NOT send their private information unless their browser assures them it’s safe to do so! You cannot offer secure authentication to your customers without an SSL or S-HTTP Certificate. There are cheap SSL certificates out there; you can search over the internet.

Here is some information that might help you to determine whether the website you are browsing has a secure connection.

• When you are logging in at yahoo the left side of your address bar is in colour blue, try to point the mouse over the blue area and it will appear that the website was verified by DigiCert Inc.
• In google, it is also colour blue and was verified by Thawte Consulting (Pty) Ltd.
• In other websites, like website of a bank it has a lock icon on the left side of the address bar.

You can easily notice if the site you are browsing is not verified and has no certificate because it will appear an X on the upper left side of the browser. It means it is not safe to feed confidential information. So I hope this will help all of you.

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment *