Beruflich Dokumente
Kultur Dokumente
As a web developer, I have come across many customers who ask Why do I
need SSL? What will it do for me? This is an important question for anyone involved in
the web to understand. SSL is the backbone of our secure Internet and it protects your
sensitive information as it travels across the world. It keeps the Internet from being
ruled by anarchists and criminals and provides many direct benefits to you and your
customers.
Benefits of SSL
Why use SSL? To Encrypt Sensitive Information
The primary reason why SSL is used is to keep sensitive information sent across the
Internet encrypted so that only the intended recipient can understand it. This is
important because the information you send on the Internet is passed from computer to
computer to get to the destination server. Any computer in between you and the server
can see your credit card numbers, usernames and passwords, and other sensitive
information if it is not encrypted with an SSL certificate. When an SSL certificate is used,
the information becomes unreadable to everyone except for the server you are sending
the information to. This protects it from hackers and identity thieves.
Authentication
In addition to encryption, a proper SSL certificate also provides authentication. This
means you can be sure that you are sending information to the right server and not to a
criminals server. Why is this important? The nature of the Internet means that your
customers will often be sending information through several computers. Any of these
computers could pretend to be your website and trick your users into sending them
personal information. It is only possible to avoid this by using a proper Public Key
Infrastructure (PKI), and getting an SSL Certificate from a trusted SSL provider.
Why are SSL providers important? Trusted SSL providers will only issue an SSL certificate
to a verified company that has gone through several identity checks. Certain types of
SSL certificates, like EV SSL Certificates, require more validation than others. How do
you know if an SSL provider is trusted? You can use our SSL Wizard to compare SSL
providers(link) that are included in most web browsers. Web browser manufactures
verify that SSL providers are following specific practices and have been audited by a
third-party using a standard such as WebTrust.
PCI Compliance
It is also important to know that you take credit card information on your website unless
you pass certain audits such as PCI compliance which require a proper SSL certificate.
Disadvantages of SSL
With so many advantages, why would anyone not use SSL? Are there any disadvantages
to using SSL certificates? Cost is an obvious disadvantage. SSL providers need to set up
a trusted infrastructure and validate your identity so there is a cost involved. Because
some providers are so well known, their prices can be overwhelmingly
high. Performance is another disadvantage to SSL. Because the information that you
send has to be encrypted by the server, it takes more server resources than if the
information werent encrypted. The performance difference is only noticeable for web
sites with very large numbers of visitors and can be minimized with special hardware.
Overall, the disadvantages of using SSL are few and the advantages far outweigh
them. It is critical that you properly use SSL on all websites that require sending
sensitive information. Proper use of SSL certificates will help protect your customers,
help protect you, and help you to gain your customers trust and sell more. If youre
still not sure why SSL should be used on your website, read more of our SSL FAQ
An organization needs to install the SSL Certificate onto its web server to initiate
secure sessions with browsers. Depending on the type of SSL Certificate applied for,
the organization will need to go through differing levels of vetting. Once installed, it is
possible to connect to the website over https://www.domain.com, as this tells the
server to establish a secure connection with the browser. Once a secure connection is
established, all web traffic between the web server and the web browser will be
secure. Browsers tell visitors a website is SSL secure via several visible trust
indicators:
Extended Validation (EV) SSL Certificates (such as GlobalSign ExtendedSSL):
Key distribution
From Wikipedia, the free encyclopedia
In symmetric key cryptography, both parties must possess a secret key which they must
exchange prior to using any encryption. Distribution of secret keys has been problematic until
recently, because it involved face-to-face meeting, use of a trusted courier, or sending the key
through an existing encryption channel. The first two are often impractical and always unsafe,
while the third depends on the security of a previous key exchange.
In public key cryptography, the key distribution of public keys is done through public key servers.
When a person creates a key-pair, he keeps one key private and the other, public-key, is
uploaded to a server where it can be accessed by anyone to send the user a private, encrypted,
message.
Secure Sockets Layer (SSL) uses Diffie-Hellman key exchange if the client does not have a
public-private key pair and a published certificate in the Public Key Infrastructure, and Public Key
Cryptography if the user does have both the keys and the credential.
Key distribution is an important issue in wireless sensor network (WSN) design. There are many
key distribution schemes in the literature that are designed to maintain an easy and at the same
time secure communication among sensor nodes. The most accepted method of key distribution
in WSNs is key predistribution, where secret keys are placed in sensor nodes before
deployment. When the nodes are deployed over the target area, the secret keys are used to
create the network.[1] For more info see: key distribution in wireless sensor networks.