SSL

SSL

What is SSL?

SSL (Secured Socket Layer), is used for sending and receiving sensitive information such as Credit Card information across the World Wide Web. It ensures encrypted/secure communications between the client and receiving server. The SSL protocol supports the use of a variety of different cryptographic algorithms, or ciphers, and most of which provide 40, 56, or 128 bit encryption security.

Key-exchange algorithms like KEA and RSA key exchange govern the way in which the server and client determine the symmetric keys they will both use during an SSL session. The most commonly used SSL cipher suites use "RSA" key exchange, which many of you have probably seen displayed on numerous websites, and next to a provider called "GeoTrust", who issues the SSL Server Certificates. A certificate is used to officially identify you as a legitimate SSL enabled website, and displays your name as the certified holder when visitors check it.

When to use SSL?

SSL is not generally, nor should it be used for all pages on a website. SSL is most commonly used for the sending and receiving of sensitive information such as credit cards, membership ID's, or customer billing information access. SSL need only be used on the "particular" page where the secure activity is taking place. ALWAYS use SSL when asking for credit card information. If visitors do not observe the https// appearing on the form URL, and the "SSL Symbol", does not illuminate in their browser, they won't be doing a whole lot of business with you. No one wants his or her credit card information intercepted and stolen as the result of a site not using SSL encryption!

SSL Usage?

There are two different ways of using SSL. The two are essentially the same, however one will display "VOSN" as the certificate holder, and the other, (which you must purchase) displays "your company" as the certificate holder. Essentially, when visitors click on an SSL enabled page, they receive a message that displays information about the owner of the SSL certificate. In most cases, e-commerce based websites would prefer to have 'their' name appear as the holder because it maintains a professional appearance. Alternatively, and if it matters not, you could simply use our default SSL server, however visitors will see "VOSN" as the owner of the certificate.