what is an SSL certificate?
SSL (Secure Sockets Layer) is a protocol developed by Netscape that enables a web browser and a web server to communicate securely. Security is provided in two different ways:
- Authenticating the web server to the client using a digital certificate;
- Encrypting all information sent between the two.
The SSL protocol requires that the web server have a digital certificate installed in order to make an SSL connection. This is where thawte comes into the picture.
Through an SSL-enabled web server and a thawte SSL certificate, a customer connecting to a secure web site is assured of three things:
- Authentication: the certificate binds the site's public key to the domain name and to the organization that thawte verified (see "why all this documentation?" below). A browser that checks the certificate's issuer, validity period and host name can therefore tell that it is talking to the server the certificate was issued for and not to an impostor. Note that the certificate vouches for identity only; it says nothing about how the site handles your data once it arrives.
- Message privacy: using a unique session key, SSL encrypts all information exchanged between your web server and your customers, such as credit card numbers and other personal data. Intercepted traffic cannot be read by unauthorized persons, provided the session key is strong enough (see "what is SSL crypto strength?" below).
- Message integrity: every record carries a message authentication code computed with the session key, so data cannot be tampered with in transit without the tampering being detected.
SSL is the de facto standard for securing Internet transactions and is implemented by all major software vendors. Your users do not need to install any additional software on their computer or in their browser. When implemented correctly the process is seamless to the user.
 how does an SSL certificate work?
- The browser asks to start a secure session with the server.
- The server returns the site's certificate, which carries the server's public key.
- The browser checks the certificate: that it was signed by a Certificate Authority the browser trusts, that it is within its validity period, and that the name in it matches the host name the user typed. If any check fails the browser warns the user instead of continuing silently.
- The browser creates a random session key, encrypts it with the server's public key taken from the certificate, and sends the result to the server.
- The server decrypts the session key using its private key. Only the holder of the private key can do this, which is what ties the session to the server the certificate authenticated.
- Both the browser and the server now share the same session key and use it to encrypt, and to check the integrity of, everything that follows.
This is the RSA key-transport handshake of the SSL era. Modern TLS instead derives the session key with an ephemeral Diffie-Hellman exchange, so that a later compromise of the server's private key does not expose recorded sessions; the certificate's role, proving which server you are talking to, is unchanged.
You can control which method and strength of encryption is required. There are options that allow you, for example, to test whether 128-bit encryption is supported by the browser. If you have a policy of enforcing very strong encryption, you can then send a message back to the user suggesting they download a 128-bit enabled browser.
Once both the browser and the server are using the same secret key for encrypting and decrypting their information, they can be reasonably confident that it cannot be intercepted and decoded by a third party. How confident depends on whether strong or weak encryption was negotiated: an eavesdropper who cannot obtain the server's private key must instead guess the session key, and a 40-bit key can be found by exhaustive search while a 128-bit key cannot.
For the visitor to your site, the little lock icon will appear in their browser. As long as you continue to use the https: protocol, everything between the browser and your scripts is encrypted without you having to worry about the details.
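The steps above, as an added Python simulation that is not part of the original page and is not thawte's or any browser's code. Textbook RSA over fixed, publicly known Mersenne primes stands in for a real RSA key pair (so the "private" keys here are not secret), a SHA-256 keystream plus HMAC stands in for the RC4/3DES cipher and MAC of real SSL records, and the certificate is a plain dictionary signed by a toy CA; those choices and the host name www.example.com are assumptions made for the demonstration, not a usable SSL implementation. What it does show is the division of labor: the browser checks the certificate before trusting the public key in it, only the holder of the matching private key can recover the session key, and once both sides hold the same key they can both decrypt and detect tampering.

```python
"""Toy SSL handshake: certificate check, RSA key transport, sealed records.
Constructed for illustration only; never use textbook RSA or this cipher for real traffic."""
import hashlib
import hmac
import secrets

E = 65537  # public exponent


def rsa_keypair(p, q):
    """Textbook RSA key pair from two primes: (public, private) as (n, exponent)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


# Assumed toy keys built from Mersenne primes (2^k - 1). They are public knowledge,
# which is exactly why a real CA or server must generate its own secret primes.
CA_PUB, CA_PRIV = rsa_keypair(2**107 - 1, 2**127 - 1)
SERVER_PUB, SERVER_PRIV = rsa_keypair(2**61 - 1, 2**89 - 1)


def digest128(data: bytes) -> int:
    """128-bit hash as an integer, small enough to be an RSA message under either toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def cert_body(subject: str, pub) -> bytes:
    n, e = pub
    return f"{subject}|{n}|{e}".encode()


def issue_cert(subject: str, pub, ca_priv) -> dict:
    """CA side: sign hash(subject, public key) with the CA private key."""
    n, d = ca_priv
    return {"subject": subject, "pub": pub, "sig": pow(digest128(cert_body(subject, pub)), d, n)}


def verify_cert(cert: dict, hostname: str, ca_pub) -> bool:
    """Browser side: signature must verify under the trusted CA key and the name must match."""
    n, e = ca_pub
    if pow(cert["sig"], e, n) != digest128(cert_body(cert["subject"], cert["pub"])):
        return False
    return cert["subject"] == hostname


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher: XOR with SHA-256(key || counter) blocks (symmetric)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal(key: bytes, msg: bytes) -> bytes:
    """Encrypt and append a MAC: privacy plus integrity for one record."""
    ct = keystream_xor(key, msg)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()


def unseal(key: bytes, rec: bytes) -> bytes:
    """Check the MAC before decrypting; any modification in transit is rejected."""
    ct, tag = rec[:-32], rec[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("record tampered with")
    return keystream_xor(key, ct)


def browser_handshake(cert: dict, hostname: str, ca_pub):
    """Steps 3-4: verify the certificate, then encrypt a fresh 128-bit session key to its public key."""
    if not verify_cert(cert, hostname, ca_pub):
        raise ValueError("certificate check failed")
    session_key = secrets.token_bytes(16)
    n, e = cert["pub"]
    return session_key, pow(int.from_bytes(session_key, "big"), e, n)


def server_handshake(encrypted_key: int, server_priv) -> bytes:
    """Step 5: only the private key recovers the session key."""
    n, d = server_priv
    return pow(encrypted_key, d, n).to_bytes(16, "big")


def run_session(hostname="www.example.com", message=b"card=4111111111111111"):
    """Full round trip. Returns (both sides agree on the key, plaintext the server read)."""
    cert = issue_cert("www.example.com", SERVER_PUB, CA_PRIV)  # assumed site name
    client_key, encrypted = browser_handshake(cert, hostname, CA_PUB)
    server_key = server_handshake(encrypted, SERVER_PRIV)
    record = seal(client_key, message)  # step 6: traffic under the shared key
    return server_key == client_key, unseal(server_key, record)


if __name__ == "__main__":
    print(run_session())
```

Calling `run_session()` performs the round trip; passing a host name the certificate was not issued for, or flipping a byte of a sealed record before `unseal`, raises instead of silently succeeding, which is the behavior the "checks the certificate" and "message integrity" steps promise.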
 SGC 128-bit vs. SSL Web Server Certificates
The difference between an SSL Web Server Certificate and a 128-bit SuperCert is that the 128-bit SuperCert will "step up" a weak US export browser, forcing it to connect at 128 bits, while the session strength with a regular SSL Web Server Certificate depends entirely on the cipher support on the client and server side.
With the 128-bit SuperCert the browser first initiates a normal SSL connection at whatever strength it is allowed to use. When it sees the special SGC flag in the 128-bit SuperCert and verifies that the certificate was issued by a recognized, licensed Certificate Authority (thawte), it restarts the connection, this time acting as a fully 128-bit capable browser and creating a 128-bit session key to protect your communications with that web server. The step-up happens only after the certificate has been verified, so a self-signed or otherwise untrusted certificate carrying the flag will not unlock the stronger ciphers.
Only browsers from IE 5.01 and Netscape 4.7x and above support this. If an older browser tries to connect securely, the SuperCert will not step up the connection to 128 bits; the browser will connect at its default strength, because browsers prior to IE 5.01 and Netscape 4.7x do not contain the "SGC" or "Step-Up" enhancements to the basic SSL protocol.
The SSL Web Server Certificate works with 40-, 56- and 128-bit sessions. When you reference a domain name through https in order to invoke an SSL session, a session key is generated at the moment your browser connects to the web server, and the strength of that session is the strongest cipher both the server and the client support. So, for example, if you have a 128-bit browser and your web server software supports 128-bit encryption, you will establish a 128-bit connection. But if you connect with a 128-bit browser and your web server software only supports 56-bit encryption, you will connect at 56 bits.
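To make the negotiation concrete, here is an added Python model (not thawte's code and not taken from any SSL implementation) of the session-strength rules described in this section, together with the server-side strength policy mentioned under "how does an SSL certificate work?". The cipher names, bit counts and the browser and server profiles are constructed for the demonstration; the decision rules follow the text: the first handshake picks the strongest cipher both sides support, an SGC-capable browser restarts at full strength only after a recognized CA's certificate carrying the flag has been verified, and a server policy can refuse sessions below a minimum strength and tell the user to upgrade.

```python
"""Toy model of SSL session-strength negotiation, with and without SGC step-up.
Constructed for illustration; real browsers negotiate TLS cipher suites, not this table."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed cipher table: cipher name -> session-key strength in bits.
# RC4-40-EXPORT is the only cipher an export-strength browser may offer on its own.
CIPHER_BITS = {"RC4-40-EXPORT": 40, "DES-56": 56, "RC4-128": 128}
EXPORT = ["RC4-40-EXPORT"]
ALL = ["RC4-40-EXPORT", "DES-56", "RC4-128"]


@dataclass
class Browser:
    offered: List[str]        # ciphers offered on the first handshake
    full_strength: List[str]  # ciphers it may use after an SGC step-up
    sgc_capable: bool         # IE 5.01 / Netscape 4.7x and later understand the flag


@dataclass
class Server:
    supported: List[str]
    cert_sgc: bool            # certificate carries the SGC / step-up flag (a SuperCert)
    cert_trusted: bool        # issued by a CA the browser recognizes
    min_bits: int = 0         # site policy: refuse sessions weaker than this


def pick(offered: List[str], supported: List[str]) -> Optional[str]:
    """Strongest cipher present on both sides, or None if there is no overlap."""
    common = [c for c in offered if c in supported]
    return max(common, key=lambda c: CIPHER_BITS[c]) if common else None


def negotiate(browser: Browser, server: Server) -> Tuple[Optional[str], int, List[str]]:
    """Returns (cipher in use or None, its strength in bits, log of what happened)."""
    log: List[str] = []
    cipher = pick(browser.offered, server.supported)
    if cipher is None:
        log.append("no common cipher; connection fails")
        return None, 0, log
    bits = CIPHER_BITS[cipher]
    log.append(f"initial handshake: {cipher} ({bits}-bit)")

    # SGC step-up: only for weak sessions, only for SGC-aware browsers, and only
    # after the certificate has been verified as coming from a recognized CA.
    if bits < 128 and browser.sgc_capable and server.cert_sgc:
        if server.cert_trusted:
            strong = pick(browser.full_strength, server.supported)
            if strong is not None and CIPHER_BITS[strong] > bits:
                cipher, bits = strong, CIPHER_BITS[strong]
                log.append(f"step-up: connection restarted with {cipher} ({bits}-bit)")
        else:
            log.append("step-up refused: SGC flag on an untrusted certificate is ignored")

    # Server-side policy check: the "send a message back to the user" option.
    if bits < server.min_bits:
        log.append(f"policy: {bits}-bit session is below the {server.min_bits}-bit minimum; "
                   "advise the user to upgrade to a 128-bit browser")
        return None, bits, log
    return cipher, bits, log


# Constructed browser and server profiles (assumed, for the demo).
EXPORT_IE501 = Browser(offered=EXPORT, full_strength=ALL, sgc_capable=True)
EXPORT_IE40 = Browser(offered=EXPORT, full_strength=EXPORT, sgc_capable=False)
DOMESTIC_128 = Browser(offered=ALL, full_strength=ALL, sgc_capable=True)

SUPERCERT_SERVER = Server(supported=ALL, cert_sgc=True, cert_trusted=True)
REGULAR_SERVER = Server(supported=ALL, cert_sgc=False, cert_trusted=True)
DES_ONLY_SERVER = Server(supported=["DES-56"], cert_sgc=False, cert_trusted=True)
STRICT_SERVER = Server(supported=ALL, cert_sgc=True, cert_trusted=True, min_bits=128)
FAKE_SGC_SERVER = Server(supported=ALL, cert_sgc=True, cert_trusted=False)

if __name__ == "__main__":
    cases = [("export IE 5.01 -> SuperCert", EXPORT_IE501, SUPERCERT_SERVER),
             ("export IE 4 -> SuperCert", EXPORT_IE40, SUPERCERT_SERVER),
             ("export IE 5.01 -> regular cert", EXPORT_IE501, REGULAR_SERVER),
             ("128-bit browser -> 56-bit server", DOMESTIC_128, DES_ONLY_SERVER),
             ("export IE 4 -> 128-bit policy", EXPORT_IE40, STRICT_SERVER),
             ("export IE 5.01 -> untrusted SGC cert", EXPORT_IE501, FAKE_SGC_SERVER)]
    for name, b, s in cases:
        cipher, bits, log = negotiate(b, s)
        print(f"{name}: {cipher} ({bits}-bit); " + "; ".join(log))
```

The `cert_trusted` gate is the part worth noticing: the flag alone does nothing, so an attacker cannot hand an export browser a self-made "SGC" certificate to make it believe it has a strong session with them, and the `min_bits` policy is where a site decides whether a 40-bit session is worth serving at all.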
 what is SSL crypto strength?
SSL (Secure Sockets Layer) provides encryption between web browsers and web servers. The RSA algorithm is used to exchange a session key, and that session key then drives a symmetric cipher that encrypts the traffic. The encryption can be done at different strengths, depending on what the software supports at each end (i.e. the web browser and the web server).
The strength of the encryption is typically specified by the size of the session key (a unique value involved in the encryption that differs for every customer and for every visit to the site). The session key can be 40 bits, 56 bits or 128 bits in size. This is distinct from the size of the RSA key in the certificate, which is much larger (1024 bits was typical) because RSA keys are attacked by factoring rather than by trying every value.
Cryptographers consider 128-bit encryption infeasible to break by brute force: trying all 2^128 combinations would take millions of years with the fastest computers. On the other hand, 40- and 56-bit keys are not as strong; 2^40 or 2^56 combinations is a number that dedicated hardware can try exhaustively, so a 40-bit session should be treated as readable by a determined eavesdropper.
Historically, the USA restricted the export of strong encryption products. This meant that the browser versions developed for export from the US were not automatically enabled to encrypt communications using 128-bit encryption. All secure communications using these international browsers used 40-bit encryption. It is important to realize that a substantial number of browsers used in the US today are international browsers. So even if you only serve US customers, you may still require a SuperCert to provide them with the strongest possible encryption.
 what are SuperCerts?
SuperCerts are SSL certificates that allow international (export-strength) browsers to step up to 128-bit encryption. Internet Explorer 5.01, Netscape Communicator 4.71 and later browsers recognize thawte's SuperCerts. In a nutshell: a SuperCert bumps the encryption level up to 128 bits even for a 40-bit export browser, provided the browser is recent enough to recognize the step-up flag; older export browsers stay at 40 bits.
 why all this documentation?
Before thawte can issue your Digital Certificate, we fully authenticate that your organization actually exists. We do this using appropriate government-issued documentation. We need to do this to verify that:
- We are issuing it to the correct company;
- The company owns the Internet domain name in the request;
- The company is registered in one or more countries;
- The registered company name is the same as the name on the certificate request.