The Secure Sockets Layer (SSL) is a computer based protocol that works to administer server authentication, client authentication and encrypted communication connecting the server and the client.
Whilst SSL security is imperative today to ensure online safety, many of us have very little knowledge on where it came from and how it works.
So, here, is everything you need to know about SSL security and how it works for us:
The history of SSL
SSL was originally developed by Netscape Communications back in the 1990’s. SSL was developed due to the company wanting to encrypt data between its navigator and browser. The primary reason for this was to protect sensitive data such as: credit card numbers and private information about the company itself.
Whilst version one was never publicly released; version two was released in February 1995. However, it took many attempts to get the SSL certificate right due to a number of security flaws.
Version three went through a whole redesign process and was finally released in 1996 and became the ‘defacto’ standard of all internet security tools. The third version was then published by the IETF (Internet Engineering Task Force) as a historical document.
Since, SSL has been overhauled in order to improve any weaknesses that were originally found making it the most secure online security method in the market today.
How SSL works
SSL includes two types of sub protocols which many know as the ‘handshake’. This allows the client to authenticate the server and therefore establish an SSL connection. This is what is known as the ‘first handshake process’ – this allows the server which posses an SSL certificate to present it to the client to authenticate its identity. This allows the server to prove that it is who it claims to be.
Once the server has proven who it is, the client and the server work together to establish a number of settings and shared keys to exchange any information during the session. This allows for confidentiality and honesty from both parties during the session.
This entire process is completely invisible to the user – the only aspect the user will witness is the padlock in the URL box and the use of ‘HTTPS’ rather than just ‘HTTP’. The locked padlock icon will only appear after the server has been fully authenticated.
Once you have established if the website you are using has an SSL certificate you will know whether it is safe to purchase from.