The SSL (Secure Sockets Layer) is a commonly-used protocol for managing the security of a message transmission on the Internet. This protocol is developed by Netscape for transmitting private documents via the Internet. SSL works by using a public-and-private key encryption system from RSA to encrypt data thats transferred over internet and it secures users website by encrypting information and providing authentication. Nowadays, many browsers including Netscape Navigator and Internet Explorer support SSL. Many web sites use the protocol to obtain confidential user information, such as credit card numbers (e-commerce). By convention, web pages that require an SSL connection start with https:// instead of http://.
Digital ID used for SSL transactions. It includes owners public key, the name of the owner, the issuer, hostname, and the expiration date.
If you are creating a web-based form where you want the visitor to enter data and submit the form to the web server for processing, you may want to use SSL (secure socket layer) encryption service. This is especially true if you are entering credit card numbers or other sensitive information.
When using SSL service, as the data is transmitted from the clients browser to the web server, all information on the form is encrypted. Once it is received at the web server it is automatically decrypted, and you can then store it or process it as usual on the web server.
Another technology for transmitting secure communications over the World Wide Web is S-HTTP. S-HTTP (Secure HTTP) is an extension to the Hypertext Transfer Protocol (HTTP) that allows the secure exchange of files and data on the World Wide Web. Not all Web browsers and servers support S-HTTP.
S-HTTP is easily confused with HTTPS (HTTP over SSL). However, S-HTTP and SSL have very different designs and goals so it is possible to use the two protocols together. Both security protocols can be used by a browser user, but only one can be used with a given document.
A major difference is that S-HTTP allows the client to send a certificate to authenticate the user whereas, using SSL, only the server can be authenticated. S-HTTP is more likely to be used in situations where the server represents a bank and requires authentication from the user that is more secure than a user ID and password. SSL works at a program layer slightly higher than the Transmission Control Protocol (TCP) level. S-HTTP works at the even higher level of the HTTP application. S-HTTP was developed by Enterprise Integration Technologies (EIT), which was acquired by Verifone, Inc. in 1995.
SSL certificate transfer:
For windows platform, client have to provide the exported certificate file (*.pfx) and the associated password in order to import the certificate at the server end.
For Linux platform, client provide with the KEYS, CSRS and CRTS in order to Import the certificate, there is some SSL installation charge as well.
SSL pages are slower because of the overhead needed to encrypt and decrypt the data. The web server must spend extra time encrypting the data before it is transmitted to your computer.
Likewise, your computer must then decrypt the information. The same applies when you securely submit information from your computer to the Web server. All this requires your CPU and the Web servers CPU to work harder and therefore might cause pages to load more slowly.
To purchase true Business ID SSL or True Business ID Wildcard SSL, client needs to provide the following document:
i) A formal letter using Organization letterhead stating the Organization is giving the assigned Contact Person permission to use that domain name. Please also make sure that the person signs and prints their name and also includes their title.
ii) Companys business registration documents for Organization. Acceptable documents include Articles of Incorporation, Business License, Partnership Agreement, or other official documentation from your state or local government that confirms your business
http://info.ssl.com/ssl_kb/article.aspx?id=10068
http://support.microsoft.com/kb/q257591/
http://www.freebsddiary.org/openssl-client-authentication.php
