Do I need SSL (TLS) ? | SEO Articles
MidNight Blu
  Home     About    Directories List     Tools     Articles     Directory  
Articles Getting Started
Design & Layout
Advertising
Google Adsense
Google Adwards
Internet Marketing
Search Engine Optimization
Hosting
E-Commerce
Affliate Programs
Tools Search Engines
Domain Checkups

Do I need SSL (TLS) ?

If your Web site includes e-commerce transaction facilities like a shopping cart, or if you include forms that gather personal information like drivers’ license, bank account or identity numbers, you probably SSL/TLS. SSL helps prevent identity theft.

SSL and TLS are technology for secure acquisition of sensitive information from Web site visitors and customers. SSL stands for Secure Socket Layer. TLS, which is the protocol that is replacing it, stands for Transport Layer Security, but most people still use the old name. SSL/TLS provides a secure, encrypted link between the Web server and the browser of the visitor on his or her computer. It ensures that all data passed between the web server and browser remain private and integral. SSL/TLS is an industry standard. It is used by millions of Web sites to protect transactions.

Given the proliferation of identity theft and of insecure Wi-Fi connections, secure connections are assuming greater importance. For Web shopping carts it is mandatory.

To generate an SSL link, a Web server requires an SSL Certificate. These come in two flavors. An SSL certificate may be generated for a Web site that has its own SSL mechanism or it may be generated for another Web site that offers SSL services. The latter is a shared SSL certificate.

When visitors are entering data using SSL, a padlock icon appears in the browser status bar.

SSL certificates are issued to legal “persons” - either corporate entities or legally accountable individuals. The SSL certificate will usually include the domain name, the name of the company or individual who owns the certificate, and the address of the owner. It will always include the expiry date of the certificate and details of the Certification Authority responsible for issuing the certificate.

When the visitor’s browser connects to an SSL-secure site, it retrieves the site’s SSL Certificate and it checks the expiry date to ensure the certificate is still valid, checks if it is issued for the site that is being contacted, and checks that the certificate issuer is a trusted authority. If any of these checks fail, the browser may issue a warning. The warnings can frighten some visitors, so it important to make sure the certificate is not expired, is issued by a firm that is in the “trusted” list and preferably is issued to your site, rather than being shared.

This entry was posted on Monday, January 7th, 2008 at 5:16 am and is filed under Getting Started. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

« Unix or Windows based hosting? Should you have a Shared (Dynamic) or Dedicated (Static) IP Address? »

Advertising