|
Advice:
Acquiring your certificates directly from a trusted source is extremely important in building Customer confidence. It shows the people you are doing business with that you are serious about their security.
A trusted "third party" means you or your Customer have no influence in the authentication process. So, this third party has no vested interest in either party that would influence them in providing a false or misleading identity. They cannot verify that the information exchanged is accurate, but they can verify the origins of the exchange.
Thawte was one of the first companies to establish itself as a trusted third party on the internet in the mid-1990s. They are part of the VeriSign group of companies (VeriSign Inc - NASDAQ: VRSN).
Information is a critical asset to your business. To ensure the integrity and safety of your information, it is important to identify yourself and the data or services that they will be is trustworthy. Authentication can help establish trust between parties involved in all types of transactions by addressing a unique set of security issues including:
Spoofing:
The low cost of website design and the ease with which existing pages can be copied make it all too easy to create illegitimate websites that appear to be published by established organizations. In fact, con artists illegally obtain credit card numbers by setting up professional-looking storefronts that mimic legitimate businesses.
Unauthorized Action:
A competitor or disgruntled Customer can alter your website so that it malfunctions or refuses to service potential clients. Or, even worse, they can steal, use or sell this data.
Unauthorized Disclosure:
When transaction information is transmitted “in the clear”, hackers can intercept the transmissions to obtain sensitive information from your Customers. Someone may just be viewing your pages, but when it comes to parting with their personal and financial information, you need to provide assurance that it will be treated with respect and that you have taken security measures to earn it.
Data Alteration:
The content of a transaction can be intercepted and altered en route, either maliciously or accidentally. User names, credit card numbers and currency amounts sent “in the clear” are all vulnerable to alteration.
Method:
Your organization needs to purchase the right certificate services to meet your needs and to update them on a regular basis. An expired certificate is flagged by most browsers, which in itself alerts your potential Customer to security problems.
When you request a certificate you generate a key pair on your server – a public and a private key. When a key pair is generated for your business, your private key is installed on your server. Your private key creates digital signatures that effectively serve as your online company stamp. It is essential that this key is kept as secure as possible and up to date.
There are two broad areas of application for SSL certificates:
1.- Securing Browser to Web Server Communication
Securing browser to web server communication is currently the major application and is most frequently applied to ecommerce websites to secure the transfer of payment information. The type of data that is considered sensitive is currently expanding from financial data to include all personally identifiable information, including identity and social security numbers, and increasingly e-mail addresses.
2.- Securing Server to Server Communication
More and more companies are turning to SSL certificates to secure server to server communications. This is an area of application which provides companies with various options for improving data security and network privacy. At present, securing communication between e-mail servers is the most common application, although it is also possible to secure ftp sites, database and application servers, amongst others.
When is the Deployment of SSL Certificates Appropriate?
The decision to deploy SSL certificates revolves around the importance attached to security of online data transfer. For instance, if you are handling financial transactions on your web site, there is no question that SSL certificates are required. If you are managing sensitive customer data such as social security numbers or identity numbers, the use of SSL certificates is worth serious consideration – especially if customer/member security and privacy is high on your list of priorities.
From a business standpoint, the deployment of SSL certificates provides customers/users with the assurance that they will not be exposed to any risks associated with transmitting data over an open network. This in itself has many benefits to your business, most of which flow from increased trust when dealing with your organization online. So, if your business relies on establishing relationships of trust with customers in order to facilitate online transactions, then the deployment of SSL certificates is essential.
Should you lose your private key, you will no longer be able to use your certificate. For this reason it is essential that you make a back-up of the private key as a best practice for ongoing key management.
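The key pair generation described under Method, together with the expired-certificate and private-key back-up points above, shown with the OpenSSL command line as an added example that is not part of the original page. The file names, the subject /CN=www.example.test, the passphrase file and the self-signed certificate standing in for the one a certificate authority would issue are all assumptions.

```shell
#!/bin/sh
# Added example, not code from the original page. File names, the subject and
# the self-signed stand-in certificate are assumptions made for the demo.
set -eu

# Generate the key pair on the server and the request (CSR) sent to the CA.
# umask 077 leaves the private key readable by its owner only.
make_key_and_csr() {   # $1 = directory, $2 = subject
    ( umask 077; openssl genrsa -out "$1/server.key" 2048 2>/dev/null )
    openssl req -new -key "$1/server.key" -subj "$2" -out "$1/server.csr"
}

# Print the public key held in a private key, encrypted backup, CSR or cert.
# Identical output means the files belong to the same key pair.
pubkey() {             # $1 = key|backup|csr|cert, $2 = file, $3 = passphrase file
    case "$1" in
        key)    openssl pkey -in "$2" -pubout ;;
        backup) openssl pkey -in "$2" -passin "file:$3" -pubout ;;
        csr)    openssl req  -in "$2" -noout -pubkey ;;
        cert)   openssl x509 -in "$2" -noout -pubkey ;;
        *)      return 2 ;;
    esac
}

# Write a passphrase-encrypted copy of the key, then prove it restores.
backup_key() {         # $1 = key, $2 = passphrase file, $3 = backup file
    ( umask 077; openssl pkey -in "$1" -aes256 -passout "file:$2" -out "$3" )
    a=$(pubkey backup "$3" "$2") && b=$(pubkey key "$1") && [ "$a" = "$b" ]
}

# Stand-in for the CA's reply (assumption): self-sign the CSR for $2 days.
self_sign() {          # $1 = directory, $2 = days
    openssl x509 -req -in "$1/server.csr" -signkey "$1/server.key" \
        -days "$2" -out "$1/server.crt" 2>/dev/null
}

# Exit 0 when the certificate expires within $2 days (or cannot be read).
expires_within() {     # $1 = certificate, $2 = days
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

d=$(mktemp -d)
printf 'constructed-demo-passphrase\n' > "$d/pass"
make_key_and_csr "$d" "/CN=www.example.test"
backup_key "$d/server.key" "$d/pass" "$d/server.key.bak" && echo "backup restores"
self_sign "$d" 30
if expires_within "$d/server.crt" 14; then echo "renew now"; else echo "not due"; fi
rm -rf "$d"
```

Comparing the public key of the private key, the CSR and the issued certificate is also the quickest way to confirm, before installation, that a certificate belongs to the key held on the server.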
Types:
SGC SuperCerts
An SGC SuperCert from thawte will allow you to extend 128-bit encryption to your clients, even if they use one of the following older browsers: IE 5.01 and Netscape 4.7x and later – which are limited to 40-bit or 56-bit encryption capabilities. These are the certificates of choice if you are securing highly sensitive information and 128-bit encryption is a preference.
SSL Web Server Certificates
The thawte SSL Web Server Certificate is capable of 128-bit encryption depending on the level of encryption supported by the client's browser. These certificates are an ideal product for organizations that are serious about doing business online and recognize the value and benefits of having their verified organizational details included in the certificate.
SSL123 Certificates
SSL123 is a secure domain validated certificate capable of 128-bit encryption depending on the level of encryption supported by the client's browser. This product can be issued within minutes and is ideal for businesses wanting to set up basic security between their website and their online users as well as general applications such as securing intranets.
Personal E-mail Certificate - for IE & Outlook
Yes, you can get a free personal e-mail certificate. The thawte Web of Trust (WOT) is a certification system that allows the identity of individuals to be validated for use in Personal E-Mail Certificates.
|