Enhancement of data transfer safety level and the growth of the SSL technology is due to the increasing number of online transactions.

Daily used, the SSL protocole is totally transparent and works without any manipulation from the webuser.

What is it ? How does it work ?

• What's SSL ?
• What's a digital certificate ?
  
  

• The server certificate
  
• The developer certificate
  

What's SSL ?

Developed by Netscape, the SSL (Secure Socket Layer) or TLS (Transport Layer Security), is a protocole used to secure online transactions.
 
It has several missions:

• Authentify the server
  
• Guarantee the confidentiality of exchanged datas
• Assure those datas integrity
• Optionaly identify a client through its digital certificate
  

HOW DOES IT WORK ?

The SSL protocole creates a communication channel between a client and a server independently from the protocole, it secures online transactions (HTTP protocole) as well as FTP, IMAP or POP protocoles connexions.

That communication channel is an opaque tunnel that prevents anybody to see the content of the transaction.

In a schematic way:


It can be compared to the mechanism of a lock (public key) and its key (private key):

The privet key is saved on the server.
The public key, known by anybody encrypts sending datas, that are decoded on the server by the privet key.



What's a digital certificate ?

A SSL certificate is a digital ID whose goal is to identify the owner of a server, a website or an Email address.

It is issued by a trusted third part called a certification authority,such as Thawte,that testifies the certificate's owner identity.



The server certificate

To make the SSL security work (for online transactions for example) a server certificate is required.

A server certificate carries:

• The name of the privet key owner
  
• The name of the certification authority that has issued the certificate
• The certificate validity period
  
• A serial number...

WHAT DOES THE WEBUSER SEE

When surfing, a webuser can see information about websites on the address bar.

On Firefox 3 :


Firefox 3 discerns 5 kinds of websites according to the information they deliver. Each kind owns its proper warning alert:


GREY : No information about the identity of the website's owner.The website does not carry any certificate.

BLUE : Primary safety level. You can access some information about the website, the domain has been certified and a secured connexion exists between the browser and the server,even though the website owner isn't known.

GREEN : High safety level provided by an EV certificate (extended validation). All the information about the website's owner are known. The connexion between the client and the server is entirely encrypted. The green bar is displayed.

YELLOW : The website's certificate is disabled or contains false information.

RED : Appears on websites registered on your browser's known dangerous websites list.The access of the website is submited to your full acceptance.

ON OTHER BROWSERS :


SAFETY LOCK DISPLAY :



The developer certificate

The softwares massive downloads  help digital virus to spread.
To protect webusers,software developers have to be known.

Digital certificates developed by Microsoft and Sun enable developers to sign their work.

When a webuser's downloding a software, a dialogue box appears that gives information about the developer.

Unknown developer		Known developer

That way he can decide to download the application or not.That kind of certificate is issued by Thawte.

Important: That kind of certificate can't be sold to private individuals. They can be issued to organizations (companies, associations...). The technical and administrative contacts must be part of the certificate's owner organization.

Sales department +33-2-7630-5901 ventes@tbs-certificats.com

contact