|
 What
do the letters SSL stand for? |
| SSL is an acronym for
Secure Scokets Layer.
|
| Should
I really be concerned about Internet privacy? |
| Yes. The connection
between your computer and any other technology on the Internet can
be routed through dozens of independent systems, any of which can
easily be monitored. You should consider non-encrypted e-mail, Web
browsing, chatting, and any other Internet use about as private
as yelling to someone across a crowded room.
|
|
What does SSL mean to the average Internet user? |
| When you come across
a Web page that is secured, your browser will likely display a "closed
lock" or other symbol to inform you that SSL has been enabled.
The Web site address should also now start with "https://"
rather than the usual "http://."
In a nutshell, SSL allows a secure connection between
your Web browser and a Web server. This secure information "tunnel"
was developed by Netscape Communications and was based on encryption
algorithms developed by RSA Security.
|
|
Digital certificate? What's that all about?
|
The digital certificate
is similar to a driver's license, and the SSL is comparable to a
car. A digital certificate is the identification card issued by
a Certificate Authority (CA) and used by a server to prove it is
the legitimate source of private information (much like a driver's
license proves to a police officer that a person is who the person
claims to be). Also, just as the state government is the only agency
allowed to issue a valid driver's license, there are only a few
CA's that issue valid certificates your browser will accept, such
as Verisign, Inc.
|
|
Does SSL require a 'digital certificate' and
vice-versa? |
Yes. Digital Certificates
facilitate the public key exchange required to enable an SSL connection.
|
|
What's the difference between 40-bit and 128-bit
SSL connections? |
| Many banks
require 128-bit encryption for online banking because 40-bit encryption
is considered to be relatively weak. 128-bits is about 309 septillion
times (309,485,000,000,000,000,000,000,000) larger than 40-bits.
Equated to the real world, sending information without
encryption is like sending a postcard through the mail—the
contents are visible to practically anyone who wants to see it.
|
|
So how can I tell if my Web browser has 128-bit
encryption? |
Most newer browsers now
support a variety of SSL bit strengths. This ensures browsers are
fully compatible with the majority of Web servers and digital certificates.
If you have an older browser you downloaded without filling out
a brief residency confirmation form, you probably have a 40 or 56-bit
version. Check your browser's encryption preferences to see what
you have available.
|
|
If SSL is so cool, why isn't it "engaged"
on a Web site all the time? |
Because all information
going back and fourth between the client and server is being put
through an encryption process instead of being sent plain, the server
and browser take longer to process this data. The speed difference
may not be noticeable on a single page, but if all of a Web site's
pages were encrypted, the server's performance could be significantly
reduced.
|
