SSL: A protocol designed by Netscape Communications to provide encrypted and authenticated communications across the Internet.
SSL is layered beneath application protocols such as HTTP, SMTP, Telnet, FTP, Gopher, and NNTP and is layered above the connection protocol TCP/IP. It is used by the HTTPS access method. SSL is used mostly (but not exclusively) in communications between web browsers and web servers. URL’s that begin with "https" indicate that an SSL connection will be used. SSL provides 3 important things: Privacy, Authentication, and Message Integrity. An SSL server secures an HTTP session by encrypting the information exchanged between a client and the server.
HTTPS: A variant of the standard HTTP Internet protocol, used for handling secure transactions.
Netscape Navigator and Microsoft Internet Explorer 4 (IE4) support a URL access method, "https", for connecting to HTTP servers using SSL. HTTPS is simply SSL underneath HTTP. You need to use "https://" for HTTP URLs with SSL, whereas you continue to use "http://" for HTTP URLs without SSL. The default "https" port number is 443, as assigned by the Internet Assigned Numbers Authority. MORE
S-MIME: A specification for secure electronic mail. S-MIME was designed to add security to e-mail messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption). MORE
The RFC describing security mechanisms for Internet Protocol version 4 and IP version 6 and the services that they provide. Full text.
A digital certificate which may be used by the SSL protocol to establish a more secure connection. Each side encrypts what it sends using information from both its own and the other side’s Certificate, ensuring that only the intended recipient can de-crypt it, and that the other side can be sure the data came from the place it claims to have come from, and that the message has not been tampered with. Security Certificates contain information about who it belongs to, who it was issued by, a unique serial number or other unique identification, valid dates, and an encrypted "fingerprint" that can be used to verify the contents of the certificate.
Thawte and Verisign provide Secure Certificates. Both certificates are widely recognized by today's web browsers.
http://www.verisign.com
$349.00
http://www.thawte.com
$100.00
The steps to getting your own secure server are:
The issue of security has arisen regarding the processed mail form going from the secure site to unsecure e-mail (where all forms processed by form mail goes).
With the rising demand for security over the Internet, requests for secure features have increased for web hosting. Our ISP has addressed this need with the implementation of PGP-based encryption for information processed by our secure servers. We use secure server space (information is processed/transferred through the SSL, Secure Socket Layer) to handle your sensitive information (online order forms, etc.). Additionally, we offer the means to secure information sent to you via SSL/on-line forms. The information is encrypted both on the server and in transit all the way back to your work station(s). We are pleased to offer PGP (Pretty Good Privacy) to our customers as a means of actually encrypting the e-mail (which can only be decrypted on your end using the PGP public/private key system). The combination of SSL and PGP maximizes the security of on-line transactions. Before implementing the use of PGP, you may want to become familiar with the whole dynamics of the PGP system by visiting some of the links below for more information. You will also need to get the PGP program (available as freeware and in commercial applications, as well as available for different OS platforms [like Macs and Windows systems] and in different languages) from one of the links below. Since PGP can be rather complex, we do not go into great detail on our site about the usage or configuration of PGP (because it can be different from system to system and version to version), therefore, we recommend that you thoroughly read any available documentation.
You can download PGP from any of these sites:
You can find PGP information (manuals, FAQ's, etc.) from any of these sites:
What is security on the Internet?
The Internet works by sending information from computer to computer until the information reaches its destination. When information is sent from point A to point B, every computer in between has an opportunity to look at what's being sent. This can pose a security problem.
For example, suppose you are viewing a clothing catalog on the World Wide Web and you decide to buy a shirt. This requires that you type information into an order form, including your credit-card number. You know the clothing company in question is reputable, so you type your credit-card number and other information, and then send the completed form. Your information passes from computer to computer on its way to the clothing company. But suppose one of the computers in between has been infiltrated by criminals who watch the data passing through that computer until they see something interesting, such as your credit-card number.
Another security problem relates to how files and programs are sent and received between Web sites and your computer. With no security protection, you could run or download files and programs from the Internet that can damage your computer and the information stored on it.
How often do things like this happen? It's hard to say, but the important thing is that they're technically possible. And, as the Internet grows, they could happen more and more.
How does Internet Explorer help protect you and your data?
Because there is wide variation in how trustworthy Web sites are, Internet Explorer enables you to assign any files you can open or download—from files on your computer to files on the Internet—to "security zones." You can set different levels of security depending on where Web information comes from and how much you trust it.
Many Internet sites are equipped to prevent unauthorized people from seeing the data sent to or from those sites. These are called "secure" sites. Because Internet Explorer supports the security protocols used by secure sites, you can send information to a secure site with safety and confidence. (A protocol is a set of rules and standards that enable computers to exchange information.) When you are viewing a page from a secure site, Internet Explorer displays a lock icon on the status bar.
Internet Explorer can also notify you when you are about to do something that might pose a security risk. For example, if you are about to send your credit-card number to an unsecure site, Internet Explorer can warn you that the site is not secure. If the site claims to be secure but its security credentials are suspect, Internet Explorer can warn you that the site might have been tampered with or might be misrepresenting itself.