What is SSL?
SSL – or Secure Sockets Layer – is the standard for establishing an encrypted connection between a web browser and a web server. The encrypted connection uses cryptography to obscure the data being sent between the two parties, so that the data remains private and untampered with.
SSL is the only widely deployed solution for encrypting information in transit and is the result of years of collaboration between industry leaders. SSL is used by millions of people every day to secure website connections.
Why Do We Need SSL?
The importance of protecting your data is obvious once you realize the types of information we regularly send across the internet. When you make a purchase online, your credit card number, name and address are sent to a webserver, which could be anywhere across the globe.
When you sign into a website, your login name and password are sent to a webserver, the same login and password that are used to access your most personal and important financial information. The list goes on and on.
SSL has two pieces: the protocol and the certificate. The protocol is the code and procedures which allows computers to handle the encryption. The protocol is open-source and free to use. This has allowed SSL to be widely adopted by all sorts of devices.
The second piece is the certificate, which identifies the specific webserver and works in combination with a unique code used for encryption – called the private key. Each SSL Certificate has a “Subject” which identifies who owns the certificate.
This is always a domain name, and, if applicable, the company operating the website. To ensure SSL certificates are used properly, the subject listed in the certificate is always “validated.”
Validation is a formal process handled by the companies who create and issue SSL certificates – known as Certificate Authorities (CAs). At ODI Technologies, we offer a wide range of certificates from one of the largest trusted CAs – GeoTrust, Thawte, and Comodo.
The purpose of validation is to ensure that the server is properly identifying itself. SSL validation comes in multiple varieties – but at the basic level, it ensures that the domain is owned by the party requesting the certificate. Premium certificates will validate the business that owns the domain.
This allows SSL to perform a technical function known as Server Authentication, which is the second function of SSL. Server Authentication and Encryption work together to ensure that your information is not only sent securely, but also being sent to the correct party.